Commit graph

890 commits

Author SHA1 Message Date
Lunny Xiao
ce840bb177
Fix delete u2f keys modal (#18040) 2021-12-20 14:49:06 +00:00
Wim
6fe756dc93
Add support for ssh commit signing (#17743)
* Add support for ssh commit signing

* Split out ssh verification to separate file

* Show ssh key fingerprint on commit page

* Update sshsig lib

* Make sure we verify against correct namespace

* Add ssh public key verification via ssh signatures

When adding a public ssh key also validate that this user actually
owns the key by signing a token with the private key.

* Remove some gpg references and make verify key optional

* Fix spaces indentation

* Update options/locale/locale_en-US.ini

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Update templates/user/settings/keys_ssh.tmpl

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Update options/locale/locale_en-US.ini

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Update options/locale/locale_en-US.ini

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Update models/ssh_key_commit_verification.go

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Reword ssh/gpg_key_success message

* Change Badsignature to NoKeyFound

* Add sign/verify tests

* Fix upstream api changes to user_model User

* Match exact on SSH signature

* Fix code review remarks

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-19 00:37:18 -05:00
zeripath
8354670708
Prevent hang in git cat-file if repository is not a valid repository and other fixes (#17991)
This PR contains multiple fixes. The most important of which is:

* Prevent hang in git cat-file if the repository is not a valid repository 
    
    Unfortunately it appears that if git cat-file is run in an invalid
    repository it will hang until stdin is closed. This will result in
    deadlocked /pulls pages and dangling git cat-file calls if a broken
    repository is tried to be reviewed or pulls exists for a broken
    repository.

    Fix #14734
    Fix #9271
    Fix #16113

Otherwise there are a few small other fixes included which this PR was initially intending to fix:

* Fix panic on partial compares due to missing PullRequestWorkInProgressPrefixes
* Fix links on pulls pages  due to regression from #17551 - by making most /issues routes match /pulls too - Fix #17983
* Fix links on feeds pages due to another regression from #17551 but also fix issue with syncing tags - Fix #17943
* Add missing locale entries for oauth group claims
* Prevent NPEs if ColorFormat is called on nil users, repos or teams.
2021-12-16 19:01:14 +00:00
KN4CK3R
6ceef87671
Removed SizeFmt. (#17890)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-03 11:33:34 +08:00
Lunny Xiao
baed01f247
Remove unnecessary attributes of User struct (#17745)
* Remove unnecessary functions of User struct

* Move more database methods out of user struct

* Move more database methods out of user struct

* Fix template failure

* Fix bug

* Remove finished FIXME

* remove unnecessary code
2021-11-22 23:21:55 +08:00
Lunny Xiao
c2ab19888f
Support pagination of organizations on user settings pages (#16083)
* Add pagination for user setting orgs
* Use FindOrgs instead of GetOrgsByUserID
* Remove unnecessary functions and fix test
* remove unnecessary code
2021-11-22 21:51:45 +08:00
Gusted
9f14fe43c6
Fix correct usage of teams (#17732)
- `.Teams` isn't a field on the User type, thus using the seperate
loaded teams.
- Add a space between `PathEscape` and argument.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-20 11:13:24 +08:00
silverwind
6874fe90e5
Cleanup and use global style on popups (#17674)
* Cleanup and use global style on popups

- Fix typo 'poping' to 'popping'
- Remove most inline 'data-variation' attributes
- Initialize all popups with 'inverted tiny' variation

* misc tweaks

* rename to .tooltip, use jQuery

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-18 11:26:50 +08:00
zeripath
bbffcc3aec
Multiple Escaping Improvements (#17551)
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
Kamil Domański
021df29623
Allow U2F 2FA without TOTP (#11573)
This change enables the usage of U2F without being forced to enroll an TOTP authenticator.
The `/user/auth/u2f` has been changed to hide the "use TOTP instead" bar if TOTP is not enrolled.

Fixes #5410
Fixes #17495
2021-11-08 23:47:19 +01:00
qwerty287
f46e67b519
Move key forms before list and add cancel button (#17432)
* Move GPG form before list and add cancel button
* Move SSH form before list and add cancel button

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-10-28 18:55:48 +08:00
qwerty287
01fc24c78c
Add appearance section in settings (#17433)
* Add appearance section in settings

* Fix lint

* Fix lint

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-10-27 23:40:08 +08:00
Nico Schieder
870f5fbc41
Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
* Add groups scope/claim to OICD/OAuth2

Add support for groups claim as part of the OIDC/OAuth2 flow.
Groups is a list of "org" and "org:team" strings to allow clients to
authorize based on the groups a user is part of.

Signed-off-by: Nico Schieder <code@nico-schieder.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-10-22 17:19:24 +08:00
zeripath
e2a59c57fc
Fix dashboard repolist alignment and repolisting (#17355)
Unfortunately #17301 broke the restriction of the dashboard repolist to
the user's repos because it stopped passing in the uid for the current
user. This PR restores this.

There is also a weird alignment problem - not caused by that PR - where
the menu items in the repolist spread over multiple lines. This PR
simply reduces the padding on these items and switches the justification
of the flex elements to space-evenly.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-10-19 12:38:33 +08:00
wxiaoguang
4822eed99d
Disable form autofill (#17291)
]* fix aria-hidden and tabindex

* use {{template "base/disable_form_autofill"}} instead of {{DisableFormAutofill}}

Co-authored-by: zeripath <art27@cantab.net>
2021-10-19 01:08:41 +03:00
wxiaoguang
56362043d3
Frontend refactor: move Vue related code from index.js to components dir, and remove unused codes. (#17301)
* frontend refactor

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Update templates/base/head.tmpl

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/developers/guidelines-frontend.md

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

* fix typo

* fix typo

* refactor PageData to pageData

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Simply for the visual difference.

Co-authored-by: delvh <dev.lh@web.de>

* Revert "Apply suggestions from code review"

This reverts commit 4d78ad9b0e96ca180e0823de17659a2e0814c099.

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-10-15 10:35:26 +08:00
zeripath
268b2d0c91
Prevent leave changes dialogs due to autofill fields (#16912)
Add ignore-dirty to /user/settings/account
Add autocomplete="off" to push_mirror_address form on /:owner/:repo/settings

Fix #16861

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-09-02 13:14:37 +01:00
zeripath
e37342db0c
Add modals to Organization and Team remove/leave (#16471)
* Add modals to Organization and Team remove/leave

Add confirmation modals to Organization and Team remove and leave.

Fix #16215

Signed-off-by: Andrew Thornton <art27@cantab.net>

* avoid for-in

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Revert "avoid for-in"

This reverts commit 2af9a6f9d46ed31b6fc6e3a29e695577dcf09f75.

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-08-26 22:57:40 -04:00
zeripath
ba6baff696
Report the correct number of pushes on the feeds (#16811)
* Report the correct number of pushes on the feeds

Since the number of commits in the Action table has been limited to 5
the number of commits reported on the feeds page is now incorrectly also
limited to 5. The correct number is available as the Len and this PR
changes this to report this.

Fix #16804

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update templates/user/dashboard/feeds.tmpl

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-08-25 19:04:58 -04:00
KN4CK3R
0bd58d61e5
Added introspection endpoint. (#16752)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-20 22:16:45 -04:00
KN4CK3R
d9ef43a712
Replace list.List with slices (#16311)
* Replaced list with slice.

* Fixed usage of pointer to temporary variable.

* Replaced LIFO list with slice.

* Lint

* Removed type check.

* Removed duplicated code.

* Lint

* Fixed merge.

Co-authored-by: 6543 <6543@obermui.de>
2021-08-09 14:08:51 -04:00
zeripath
5d2e11eedb
Refactor: Move login out of models (#16199)
`models` does far too much. In particular it handles all `UserSignin`.

It shouldn't be responsible for calling LDAP, SMTP or PAM for signing in.

Therefore we should move this code out of `models`.

This code has to depend on `models` - therefore it belongs in `services`.

There is a package in `services` called `auth` and clearly this functionality belongs in there.

Plan:

- [x] Change `auth.Auth` to `auth.Method` - as they represent methods of authentication.
- [x] Move `models.UserSignIn` into `auth`
- [x] Move `models.ExternalUserLogin`
- [x] Move most of the `LoginVia*` methods to `auth` or subpackages
- [x] Move Resynchronize functionality to `auth`
  - Involved some restructuring of `models/ssh_key.go` to reduce the size of this massive file and simplify its files.
- [x] Move the rest of the LDAP functionality in to the ldap subpackage
- [x] Re-factor the login sources to express an interfaces `auth.Source`?
  - I've done this through some smaller interfaces Authenticator and Synchronizable - which would allow us to extend things in future
- [x] Now LDAP is out of models - need to think about modules/auth/ldap and I think all of that functionality might just be moveable
- [x] Similarly a lot Oauth2 functionality need not be in models too and should be moved to services/auth/source/oauth2
  - [x] modules/auth/oauth2/oauth2.go uses xorm... This is naughty - probably need to move this into models.
  - [x] models/oauth2.go - mostly should be in modules/auth/oauth2 or services/auth/source/oauth2 
- [x] More simplifications of login_source.go may need to be done
- Allow wiring in of notify registration -  *this can now easily be done - but I think we should do it in another PR*  - see #16178 
- More refactors...?
  - OpenID should probably become an auth Method but I think that can be left for another PR
  - Methods should also probably be cleaned up  - again another PR I think.
  - SSPI still needs more refactors.* Rename auth.Auth auth.Method
* Restructure ssh_key.go

- move functions from models/user.go that relate to ssh_key to ssh_key
- split ssh_key.go to try create clearer function domains for allow for
future refactors here.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-24 11:16:34 +01:00
Stanley Hu
08ef45b359
Add fluid to ui container class to remove margin (#16396) 2021-07-20 08:22:23 +02:00
Jonathan Herlin
fd3f149abd
Improve 2FA autofill (#16473)
This improves the autofill suggestion on mobile devices and some password managers
2021-07-18 02:06:22 +02:00
a1012112796
ec357833bc
show tag name on dashboard items list (#16466)
fix #16458

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-07-17 23:21:04 +02:00
zeripath
93f31e1897
Update notification table with only latest data (#16445)
When marking notifications read the results may be returned out of order
or be delayed.  This PR sends a sequence number to gitea so that the
browser can ensure that only the results of the latest notification
change are shown.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-07-17 17:18:10 +01:00
Meano
423a0fccb6
Fix activation of primary email addresses (#16385)
* fix: primary email cannot be activated

* Primary email should be activated together with user account when
'RegisterEmailConfirm' is enabled.

* To fix the existing error state. When 'RegisterEmailConfirm' is enabled, the
admin should have permission to modify the activations status of user email.
And the user should be allowed to send activation to primary email.

* Only judge whether email is primary from email_address table.

* Improve logging and refactor isEmailActive

Co-authored-by: zeripath <art27@cantab.net>
2021-07-13 22:59:27 +02:00
zeripath
b82293270c
Add option to provide signature for a token to verify key ownership (#14054)
* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-13 15:28:07 +02:00
KN4CK3R
aac663e0da
Implemented head_commit for webhooks (#16282)
* Removed Len field.

* Added head_commit webhook field.

* Added comment for returns.
2021-06-29 15:34:03 +02:00
6543
0b27b93728
Make allowed Visiblity modes configurable for Users (#16271)
Now that #16069 is merged, some sites may wish to enforce that users are all public, limited or private, and/or disallow users from becoming private.

This PR adds functionality and settings to constrain a user's ability to change their visibility.

Co-authored-by: zeripath <art27@cantab.net>
2021-06-27 19:47:35 +01:00
Sergey Dryabzhinsky
22a0636544
Add Visible modes function from Organisation to Users too (#16069)
You can limit or hide organisations. This pull make it also posible for users

- new strings to translte
- add checkbox to user profile form
- add checkbox to admin user.edit form
- filter explore page user search
- filter api admin and public user searches
- allow admins view "hidden" users
- add app option DEFAULT_USER_VISIBILITY
- rewrite many files to use Visibility field
- check for teams intersection
- fix context output
- right fake 404 if not visible

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-06-26 20:53:14 +01:00
John Olheiser
622f1e764c
Add better errors for disabled account recovery (#15117)
Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-06-25 23:16:36 -05:00
6543
889dea8fc1
Remove User.GetOrganizations() (#14032)
as title
2021-06-18 19:00:53 +02:00
KN4CK3R
29695cd6d5
Add asymmetric JWT signing (#16010)
* Added asymmetric token signing.

* Load signing key from settings.

* Added optional kid parameter.

* Updated documentation.

* Add "kid" to token header.
2021-06-17 23:56:46 +02:00
KN4CK3R
1295e750b4
Add OpenID claims "profile" and "email". (#16141)
* Added OpenID claims "profile" and "email".

* Splitted error.

* Added scopes_supported and claims_supported.

* Added more metadata.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-06-14 13:33:16 +03:00
silverwind
308b562b3c
Remove remaining fontawesome usage in templates (#15952)
Can not remove the dependency yet because easymde depends on it.
2021-05-22 23:29:46 +02:00
silverwind
a32bfd867d
Issue sidebar and misc css fixes (#15524)
- Replace remaining font icons with SVG in issue sidebar
- Rework issue due date display
- Realign avatar in timeline
- Fix font size in repo search and code explore
- Consolidate active button styles
- Fix loading form on arc-green
- Align time tracker buttons vertically

Fixes: https://github.com/go-gitea/gitea/issues/15896
2021-05-16 22:18:18 +02:00
zeripath
f582ec4e53
Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304)
* Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username

ReverseProxy users should generate a session on reverse proxy username change.

Also prevent ReverseProxy users from changing their username.

Fix #2407

* add testcase

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-05-15 20:33:13 +02:00
6543
a229e34387
Allow only internal registration (#15795)
* Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings

* OpenID respect setting too
2021-05-09 16:13:35 +02:00
6543
640066840e
Use a generic markup class to display externally rendered files and diffs (#15735)
* creates and implements generic markup less class

* How to give custom CSS to externally rendered html

* Clarifies sources of CSS styling of markup

* further clarification of sources of markup styling

* rename _markdown to _markup

* remove defunct import

* fix orphaned reference

* Update docs/content/doc/advanced/external-renderers.en-us.md

* more renames markdown -> markup

* do not suggest less customization

* add back tokens

* fix class whitespace, remove useless if-clause

* remove unused csv-data rules

* use named exports and rename functions

* sort imports

Co-authored-by: HarvsG <11440490+HarvsG@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2021-05-07 10:43:41 +02:00
N. L. H
45970ae82e
Feature/oauth userinfo (#15721)
* Implemented userinfo #8534

* Make lint happy

* Add userinfo endpoint to openid-configuration

* Give an error when uid equals 0

* Implemented BearerTokenErrorCode handling

* instead of ctx.error use ctx.json so that clients
parse error and error_description correctly

* Removed unneeded if statement

* Use switch instead of subsequent if statements
Have a default for unknown errorcodes.

Co-authored-by: Nils Hillmann <hillmann@nlh-software.de>
Co-authored-by: nlhsoftware <nlhsoftware@noreply.localhost>
2021-05-06 01:30:15 -04:00
KN4CK3R
7670c1c99e
Fixed several activation bugs (#15473)
* Removed unneeded form tag.

* Fixed typo.

* Fixed NPE.

* Use better error page.

* Splitted GET and POST.
2021-04-30 22:21:33 +02:00
KN4CK3R
c80d7f33b6
Unified link creation. (#15619) 2021-04-30 19:25:13 +02:00
techknowlogick
024ef3940f
add well-known config for OIDC (#15355)
* add well-known config for OIDC

* spacing per feedback

* Update oidc_wellknown.tmpl

* add id_token

* Update oidc_wellknown.tmpl

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-04-15 22:32:00 -04:00
Kyle D
f44543a1bb
Disable Stars config option (#14653)
* Add config option to disable stars

* Replace "stars" with watched in user profile

* Add documentation
2021-04-15 18:53:57 +02:00
KN4CK3R
cf8f66e5dc
Use subdir for URL (#15446)
Fixes #15444
2021-04-14 20:43:17 +01:00
KN4CK3R
bf3e584de2
Fix repository search (#15428)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-04-12 22:09:46 -04:00
silverwind
d848098f60
Enforce tab indentation in templates (#15289)
* Enforce tab indendation in templates

This adds editorconfig-checker [1] to lint the template files so they
conform the editorconfig files. I fixed all current identation issues
using the fix mode of eclint [2] and some manual corrections.

We can extend this linting to other files later, for now I'd like this
PR to focus on HTML template files only.

[1] https://github.com/editorconfig-checker/editorconfig-checker
[2] https://github.com/jedmao/eclint

* fix indendation

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-04-10 23:46:37 -04:00
silverwind
216976247c
Remove usage of JS globals (#15378)
Refactor the exported globals in index.js to JS-initialized event
handlers.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-04-09 19:42:38 -04:00
Roger Luo
fa06e98553
Add dashboard milestone search and repo milestone search by name (#14866)
Feature for issue #13845:
 - Add milestones search by name on dashboard milestones page.
 - Add milestones search by name on repo issue/milestones page.
2021-04-08 13:53:59 +02:00
Jimmy Praet
6b836ac5f7
fix org navbar (#15173) 2021-03-26 22:15:13 +01:00
silverwind
1a03fa7a4f
Update JS dependencies (#15033)
* Update JS dependencies

- Update all JS dependencies
- For octicons, rename trashcan to trash
- For svgo, migrate to v2 api, output seems to have slightly changed but icons look the same
- For stylelint, update config, fix custom property duplicates
- For monaco, drop legacy Edge support
- For eslint, enable new rules, fix new issues
- For less-loader, remove deprecated import syntax

* update svgo usage in generate-images and rebuild logo.svg with it
2021-03-22 05:04:19 +01:00
Norwin
598dd21cd4
org dashboard: move teamselector left (#14954)
Co-authored-by: zeripath <art27@cantab.net>
2021-03-17 18:45:16 -04:00
zeripath
20f13bfdfc
Fix a couple of issues with a feeds (#14897)
@CirnoT spotted a couple of issues with feeds on discord.

This PR fixes both of these.
2021-03-06 05:09:49 +01:00
6543
a4148c0f12
Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
* make repo as "pending transfer" if on transfer start doer has no right to create repo in new destination

* if new pending transfer ocured, create UI & Mail notifications
2021-03-01 01:47:30 +01:00
Mike L
4172b1955f
Fix dashboard UI bugs and more (#14767)
This PR fixes a few UI bugs I spontaneously encountered:

- Fixes emojis in repo titles getting head-cut and tail-cut in dashboard feed due to introduction of 1.25 em emojis at 1 em line-height, by simply using the original 1 3/7 em value of `semantic.css`
- Fixes regression (too long repo names should be capped to 70%) in #13828 due to flex children not respecting properties like `overflow: hidden;`, and removes a block of dead style code
- Follow-up to #14761, removes extraneous code for top navbar and correct right margin for Font Awesome
- Fixes color emphasis inversion in arc-green theme for top right buttons (edit, delete) on commit view boxes
2021-02-25 13:35:43 +01:00
a1012112796
cd8b2f3273
Fix double alert in oauth2 application edit view (#14764)
Signed-off-by: a1012112796 <1012112796@qq.com>
2021-02-22 03:51:45 +01:00
a1012112796
1ecdc55aff
fix link account ui (#14763)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-21 20:14:27 -05:00
Kyle D
d475d53c41
Fix svg spacing (#14638)
* Add right margin to icons in menu items

* Reduce padding on user profile submenu to fit in one line by default (english)
2021-02-14 17:49:22 +01:00
vnkmpf
51fb0463a3
Fix truncated organization names (#14655)
* Fix truncated organization names

Previous ellipsis implementation hid vertical overflow - image + descent line of letters.
Organization visibility in select on dashboard was not always visible.
This commit extracts classes which don't make collisions with other items on page.
2021-02-12 03:29:07 +02:00
a1012112796
ac701637b4
Add dismiss review feature (#12674)
* Add dismiss review feature

refs:
    https://github.blog/2016-10-12-dismissing-reviews-on-pull-requests/
    https://developer.github.com/v3/pulls/reviews/#dismiss-a-review-for-a-pull-request

* change modal ui and error message

* Add unDismissReview api

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-02-11 18:32:25 +01:00
vnkmpf
3a4801d195
Truncated organisations name #14583 (#14615)
- truncate to max length 40
- add CSS ellipsis
2021-02-09 19:51:01 +00:00
Lunny Xiao
41c0776568
Fix captcha (#14488)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-27 22:56:54 +08:00
Andrew Bezold
bc05ddc0eb
Redirect on changed user and org name (#11649)
* Add redirect for user

* Add redirect for orgs

* Add user redirect test

* Appease linter

* Add comment to DeleteUserRedirect function

* Fix locale changes

* Fix GetUserByParams

* Fix orgAssignment

* Remove debug logging

* Add redirect prompt

* Dont Export DeleteUserRedirect & only use it within a session

* Unexport newUserRedirect

* cleanup

* Fix & Dedub API code

* Format Template

* Add Migration & rm dublicat

* Refactor: unexport newRepoRedirect() & rm dedub del exec

* if this fails we'll need to re-rename the user directory

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-24 16:23:05 +01:00
6543
a0e424da85
Enhance Ghost comment mitigation Settings (#14392)
* refactor models.DeleteComment and delete related reactions too

* use deleteComment for UserDeleteWithCommentsMaxDays in DeleteUser

* nits

* Use time.Duration as other time settings have

* docs

* Resolve Fixme & fix potential deadlock

* Disabled by Default

* Update Config Value Description

* switch args

* Update models/issue_comment.go

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-01-21 21:56:19 -05:00
zeripath
20f980dcc2
ensure timeout error is shown on u2f timeout (#14417)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-01-22 01:28:14 +01:00
6543
21da519c0c
Implement ghost comment mitigation (#14349)
* Implement ghost comment mitigation

Adds a config option USER_DELETE_WITH_COMMENTS_MAX_DAYS to the [service] section. See https://codeberg.org/Codeberg/Discussion/issues/24 for the underlying issue.

* cleanup

* use setting module correctly

* add to docs

Co-authored-by: Moritz Marquardt <git@momar.de>
2021-01-17 21:48:38 +01:00
Jimmy Praet
acb1ceb1f4
Add review requested filter on pull request overview (#13701)
* Add review requested filter on pull request overview #13682

fix formatting

* add review_requested filter to /repos/issues/search API endpoint

* only Approve and Reject status should supersede Request status

* add support for team reviews

* refactor: remove duplication of issue filtering conditions
2021-01-17 17:34:19 +01:00
Cirno the Strongest
8db0372a45
Handle NotifyCreateRef as create branch in feeds (#14245)
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-04 18:51:00 +02:00
Cirno the Strongest
21fbee1503
Various UI fixes (#14239)
* Fix #14238

* Fix #14235

* Fix #14237

* Fix #14234

* Use octicon to show private status of repo in admin dashboard

* Fix #14232

* Fix #14236
2021-01-04 13:18:12 +01:00
Jimmy Praet
9cc5a89b8c
Issue and pull request filters on organization dashboard #14052 (#14072) 2021-01-03 18:29:12 +01:00
Johnny Oskarsson
a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
Jimmy Praet
40274b4a93
Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
zeripath
ad1164f73b
Disable SSH key deletion of externally managed Keys (#13985)
* Disable SSH key addition and deletion when externally managed

When a user has a login source which has SSH key management
key addition and deletion using the UI should be disabled.

Fix #13983

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make only externally managed keys disabled

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-12-25 23:24:47 -05:00
Lunny Xiao
36bd5d70cd
Fix feed push tag (#14064)
* Fix dashboard feed bug when push tag

* Fix variable name

* Fix delete tag

Co-authored-by: 6543 <6543@obermui.de>
2020-12-20 07:46:28 +08:00
silverwind
3260e15668
Dashboard search tweaks (#14008)
- Fix color of inactive pagination parts caused by overreaching CSS
selector.
- Slightly reduce horizontal padding on list items
- Add spacing around pagination and move it outside of <ul>
2020-12-17 19:58:21 +00:00
Cirno the Strongest
6074e13c8d
Fix missing username on dashboard context switch navbar (#13959) 2020-12-12 14:10:20 +01:00
Lunny Xiao
2d71cdb668
Add pull request manually merge instruction (#13840)
* add pull request command line instructions

* Add pull request manually merge instuction

* Fix styles

* Fix lint

* Move inline style to class file

* add space between merge button and hint text

* Add sentence end charcter

* Change the language file

* adjust secondary bg

* further adjustment

Co-authored-by: silverwind <me@silverwind.io>
2020-12-10 03:59:05 +01:00
silverwind
c85bb62635
Replace more icons with SVG, repo search tweaks (#13860)
* Replace more icons with SVG

- Replace remaining icons on admin page with SVG
- Fix vertical menu background on arc-green
- Minor improvments to frontpage repo search
- More icon replacements here and there

* fix integration

* whitespace tweak

* add comment

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-09 14:03:19 -05:00
silverwind
97ab820acc
Fix action avatar loading (#13909)
Fixes #13883

Co-authored-by: 6543 <6543@obermui.de>
2020-12-09 07:11:15 +02:00
Jimmy Praet
10b9a6df0d
Don't show dashboard links for globally disabled repo units (#13908)
This applias the same checks from base/head_navbar.tmpl to user/dashboard/navbar.tmpl so no links are shown for globally disabled repo units

Co-authored-by: 6543 <6543@obermui.de>
2020-12-08 20:58:38 -05:00
silverwind
c05701dd7d
Fix frontpage avatars (#13853)
The frontpage uses a rather strange method to obtain the commit's avatar
which I've overlooked earlier. I don't exactly understand how it works
but this change fixes the wrong default avatars by using the function
that was in previous use.

Also introduced a few constants for size an size increase factor.

Fixes: https://github.com/go-gitea/gitea/issues/13844
2020-12-09 01:12:15 +01:00
Jimmy Praet
1a372e5b21
Allow 20 characters for "View [organization]" button (#13906)
In the "View [organization]" button on the dashboard, the organization name is currenly shortened to 10 chars.
This is a bit too limited. In all other places in the code the name is also shortened to 20 instead of 10.

Co-authored-by: 6543 <6543@obermui.de>
2020-12-08 16:18:02 -05:00
silverwind
bb50ab2861
Style and template tweaks (#13828)
* Style and template tweaks

- Get red and green buttons on arc green closer to base theme
- EasyMDE adjustments, toolbar and focus border
- Fix header on 404 repo page
- Tweaks to frontpage search, add 'Create Repo' button
- Fix misaligned box headers
- Fix pagination on arc-green
- Fix background and footer on explore and repo search

* better fix for header button alignment

* add label hover for reactions
2020-12-04 12:18:37 +01:00
silverwind
9269a038a4
Direct avatar rendering (#13649)
* Direct avatar rendering

This adds new template helpers for avatar rendering which output image
elements with direct links to avatars which makes them cacheable by the
browsers.

This should be a major performance improvment for pages with many avatars.

* fix avatars of other user's profile pages

* fix top border on user avatar name

* uncircle avatars

* remove old incomplete avatar selector

* use title attribute for name and add it back on blame

* minor refactor

* tweak comments

* fix url path join and adjust test to new result

* dedupe functions
2020-12-03 19:46:11 +01:00
silverwind
b1cf7f4df1
Add class to page content to unify top margin (#13766)
* Add class to page content to unify top margin

Previously pages would individually set this margin but some didn't so
content would stick to the header without any space. Resolve this by
adding a new class that is added on all pages. The only place where we
remove this margin again is on the pages with menu or wrapper in the
header.

* fix admin notices

* fix team pages

* fix loading segment on gitgraph for arc-green

* fix last missing case

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-30 23:00:14 -05:00
silverwind
295fc99607
Markdown and Repo header tweaks (#13744)
* Markdown and Repo header tweaks

- Use CSS vars for all markdown colors
- Tweak repo header, removing double borders and adjust sizes
- Use menu instead of buttons for issue open/close switcher
- Add emoji inversion for select emoji glyphs in arc-green
- Use border over box-shadow for all buttons
- Add spacing element to login form without openid

* repo settings navbar fix

* use shared template in more places and adjust dashboard

* fix remaining open/close combos
2020-11-29 17:52:11 +02:00
6543
0f14f69e60
Verify password for local-account activation (#13631)
* Verify passwords for activation

This is to prevent 3rd party activation

* Fix function comment

* only veify password on local-account aktivation

* fix lint

* Update templates/user/auth/activate.tmpl

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: Andreas Shimokawa <shimokawa@fsfe.org>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-28 17:41:06 -05:00
silverwind
b2de034278
CSS navbar and color tweaks (#13609)
* CSS and color tweaks

- Unify navbar-style menus
- Fix admin bar overlapping menu bar
- Fixes file edit comment box
- Fix double border on review box
- Fix review timeline icons

* Many fixes to new-menu and navbar layout enhancements

* misc settings fixes

* navbar tweak

* fix pr tabs

* branch tag and arc color tweaks
2020-11-26 19:33:28 +00:00
silverwind
6d93a3ab18
Issue and Pulls lists rework (#13594)
* Issue and Pulls lists rework

Reorganized and restyled the issue and pull request lists.

* color and layout tweaks

* use new issue list on dashboard as well

* move pagination into template

* misc tweaks

* fix label hover

* fix milestone list

* fix discrepancies between issue and milestone list, add new 'merge' helper

* fmt

* simplify merge helper

* remove whitespace

* fix startIndex

* further simplify dict merging

* rename helper to 'mergeinto' for clarity

* allow bottom-row to wrap

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-25 13:20:40 +02:00
silverwind
12c2efb45c
Remove fetch request from heatmap (#13623)
* Remove fetch request from heatmap

Render heatmap data directly to HTML, eliminating one HTTP request on
frontpage and user profile. Also added min-height to the container so
the page content will no longer move after loading.

* rename and error display

* also log the js error

* add error handler

* remove useless inline style and hide divider on small screens

* Update routers/user/home.go

* Update routers/user/profile.go
2020-11-18 16:00:16 -06:00
Norwin
e16b0e5a90
unify layout between auth pages (#13547)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-13 21:46:40 -05:00
silverwind
c2e05d9f9a
Form styling adjustments (#13501)
* Form styling adjustments

- Move all form-related styling to _forms.less
- Defined new form-related variables
- Fix spinner on frontpage repo search
- Add new rounded-* helpers and fix repo search radius

* misc arc green tweaks

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-12 23:59:33 +08:00
silverwind
8bae34c4b2
Change search and filter icons to SVG (#13473)
Unfortunately, the Fomantic CSS relies on i.icon instead of .icon so a
wrapper is necessary for these with an accompanying class to center the
icon.
2020-11-09 18:21:47 +00:00
silverwind
62719cdd2d
Fix whitespace rendering in diff (#13415)
- Introduce new .code-inner class that sets the CSS attributes on
rendered code lines like view,blame and diff.
- Rename .wrap class to .word-break to reflect what it actually does
- Remove .raw which was only used on webhook page
- Set white-space: pre-wrap except on blame where it can break the
layout

Fixes: https://github.com/go-gitea/gitea/issues/13406
2020-11-04 09:14:07 +02:00
silverwind
2ac112d84e
Comment box tweaks and SVG dropdown triangles (#13376)
* Comment box tweaks and SVG dropdown triangles

- Change all dropdown triangles to SVG
- Bring inline review comment box closer to regular comment boxes
- Enhance arc-green checkbox contrast
- Minor reaction tweaks
- Flexbox the diff file header

* remove a border

* fix type marker in arc-green

* add small code padding

* fix position regression and remove useless rules

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-31 18:15:11 -04:00
zeripath
68bdb9fd4b
Fix links to repositories in /user/setting/repos (#13360)
* Fix links to repositories in /user/setting/repos

somehow the links gained a spurious $ in the links.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* And fix #13359

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-30 16:27:01 +00:00
zeripath
beb6bf4261
Remove obsolete change of email on profile page (#13341)
* Remove obsolete change of email on profile page

The change email on the account profile page is out-of-date
and unnecessary.

Changing email should be done using the account page.

Fix #13336

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-28 22:33:14 +00:00
silverwind
83106c166d
Replace footer and modal icons with SVG (#13245)
- Replace two font icons with SVG in the footer
- Replace icons in delete modals with SVG
- Horizontally center message text in modals
2020-10-21 22:07:33 +01:00
Wim
9066d09c57
Add ssh certificate support (#12281)
* Add ssh certificate support

* Add ssh certificate support to builtin ssh

* Write trusted-user-ca-keys.pem based on configuration

* Update app.example.ini

* Update templates/user/settings/keys_principal.tmpl

Co-authored-by: silverwind <me@silverwind.io>

* Remove unused locale string

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* Add missing creation of SSH.Rootpath

* Update cheatsheet, example and locale strings

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

* Optimizations based on feedback

* Validate CA keys for external sshd

* Add filename option and change default filename

Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is
RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem

Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty.

Add some more documentation.

* Remove unneeded principalkey functions

* Add blank line

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option

This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default
email,username this means that users only can add the principals
that match their email or username.

To allow anything the admin need to set the option anything.

This allows for a safe default in gitea which protects against malicious
users using other user's prinicipals. (before that user could set it).

This commit also has some small other fixes from the last code review.

* Rewrite principal keys file on user deletion

* Use correct rewrite method

* Set correct AuthorizedPrincipalsBackup default setting

* Rewrite principalsfile when adding principals

* Add update authorized_principals option to admin dashboard

* Handle non-primary emails

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add the command actually to the dashboard template

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* By default do not show principal options unless there are CA keys set or they are explicitly set

Signed-off-by: Andrew Thornton <art27@cantab.net>

* allow settings when enabled

* Fix typos in TrustedUserCAKeys path

* Allow every CASignatureAlgorithms algorithm

As this depends on the content of TrustedUserCAKeys we should allow all
signature algorithms as admins can choose the specific algorithm on their
signing CA

* Update models/ssh_key.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* Fix linting issue

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-10 20:38:09 -04:00
silverwind
1c523e2129
Set appropriate autocomplete attributes on password fields (#13078)
`new-password` prevents annoying autocompletion in some cases, thought
it's not semantically correct to use that for example on all three
fields on the user account page, so some annoyances remain.

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-09 10:32:30 +03:00
Spencer Taylor
6eea301829
Adding visual cue for "Limited" & "Private" organizations. (#13040)
* Adding visual cue for "Limited" & "Private" organizations.

* Moving org visibility CSS styles to .less files.

Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-06 02:25:43 -04:00
silverwind
922d698842
CSS tweaks to warning/error segments and misc fixes (#13024)
* CSS tweaks to warning/error segments and misc fixes

- Adjust styling for warning/error in arc-green
- Change danger boxes from orange to red
- Fix code highlight text color in arc-green
- Fix warning message in arc-green
- Fix border in org member list in arc-green
- Fix disabled checkbox text in arc-green

* use same selector in gitea theme

* fix blame highlight

Co-authored-by: zeripath <art27@cantab.net>
2020-10-04 16:54:22 -04:00
John Olheiser
72636fd664
hCaptcha Support (#12594)
* Initial work on hCaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Use module

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Format

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* At least return and debug log a captcha error

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Pass context to hCaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add context to recaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Finish hcaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update example config

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Apply error fix for recaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Change recaptcha ChallengeTS to string

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-10-02 23:37:53 -04:00
Bagas Sanjaya
fb467c7e74
Update GitHub docs links for SSH & GPG (#12947)
The links now redirected to docs.github.com. `common SSH problems` link
is misredirected to `Authenticating to GitHub` page, so it has been
corrected to the proper `troubleshooting SSH` page.

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-26 22:10:41 -04:00
zeripath
7a7f56044a
Adopt repositories (#12920)
* Don't automatically delete repository files if they are present

Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.

This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.

PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix tests and migrate overwrite

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Only offer to adopt or overwrite if the user can do that.

Allow the site administrator to adopt or overwrite in all
circumstances

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use setting.Repository.DefaultBranch for the default branch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Always set setting.Repository.DefaultBranch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update templates

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ensure repo closed

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Rewrite of adoption as per @6543 and @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* missing not

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add modals and flash reporting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the unadopted page searchable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle empty and non-master branched repositories

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove commented out code

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-25 07:09:23 +03:00
赵智超
a9decf0dac
Use a simple format for the big number on ui (#12822)
* Use a simple format for the big number on ui

Signed-off-by: a1012112796 <1012112796@qq.com>

* make fmt

* Apply review suggestion @silverwind

* Change name 2

* make fmt

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-16 00:07:18 -04:00
silverwind
ffddf3f8a6
Make SVG size argument optional (#12814)
Now defaults to 16 on both frontend and backend.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-11 16:19:00 -04:00
Bagas Sanjaya
4c42fce401
Add placeholder text for bio profile text form (#12792)
* Add placeholder text
  * Localize
2020-09-10 15:29:26 +01:00
Lunny Xiao
e153cf07c3
Add a migrate service type switch page (#12697)
* Add a migrat service type switch page

* Improve translations

* remove images

* Fix images

* remove extra create repo button on dashboard

* Follow reviewers' opinions

* Fix frontend lint

* Remove wrong submit file

* Fix tests

* Adjust the size of image

* Apply suggestions from code review

Co-authored-by: 赵智超 <1012112796@qq.com>

* Remove username and password from migration of github/gitlab

* Improve docs

* Improve interface docs

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-09 14:29:10 -04:00
Daniel Aleksandersen
72eeb13e4d
Set avatar image dimensions (#12654)
Set the avatar image dimensions to help browsers
avoid layout reflows. Helps page load performance and
user experience (less content jank).

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-02 14:42:28 -04:00
zeripath
d3b5edacb6
Escape more things that are passed through str2html (#12622)
* Escape more things that are passed through str2html

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Bloody editors!

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update routers/user/oauth.go

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-28 00:37:05 -04:00
zeripath
69b3dd6362
Escape Email in forgot_password.tmpl (#12610)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-26 08:47:38 -05:00
Bagas Sanjaya
fff0204cab
Add placeholder text for "Add SSH/GPG Key" forms (#12533)
* Add placeholder text for "Add SSH/GPG Key" forms

This commit add placeholder text for both Add SSH key and Add GPG key
forms.

* Localize placeholders

Changes requested by @zeripath

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-20 11:51:34 -04:00
Lanre Adelowo
4027c5dd7c
Kanban board (#8346)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
Co-authored-by: Kerry <flatline-studios@users.noreply.github.com>
Co-authored-by: Jaqra <jaqra@hotmail.com>
Co-authored-by: Kyle Evans <kevans91@users.noreply.github.com>
Co-authored-by: Tsakiridis Ilias <TsakiDev@users.noreply.github.com>
Co-authored-by: Ilias Tsakiridis <ilias.tsakiridis@outlook.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-16 23:07:38 -04:00
zeripath
d1e67d7ade
Fix bug preventing transfer to private organization (#12497)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere
2020-08-16 16:27:08 -04:00
6543
2872a04f27
UserProfile Page: Render Description (#12415)
* If Description contain more that one line render it

* simpler ...

* only render if description exists

* Fix NPE in tests

* Update routers/user/profile.go

Co-authored-by: zeripath <art27@cantab.net>
2020-08-05 15:48:37 +08:00
zeripath
15300699c4
Fix milestone links (#12405)
The milestone pages links should direct to the milestone pages

Fix #10215

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-02 09:18:09 +01:00
赵智超
1f12dc8e88
Add action feed for new release (#12324)
* Add action feed for new release

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix lint

* Apply suggestions from code review

* Add ReleaseID to the action table
* Remove error message
* Fold the attachments download list

* remove attchment download list

* simplify code

* fix create release from existing tag

* simplify ui

* translation change

* fix test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-29 15:20:54 -04:00
silverwind
859094ef0a
Disable search box autofocus on issue/pr pages (#12229)
Various pages like the issue list autofocus their search box which I find rather intrusive because more often than not I don't want to type into the search box, it's distracting if the focus jumps after page load. Disable this behaviour.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-26 22:43:14 -04:00
silverwind
0e24af6951
Update Octicons to v10 (#12240)
* Update Octicons to v10

Besides a few renames, these icons are no longer present in v10 that we've
used, so had to change:

file-symlink-directory -> file-submodule
internal-repo -> repo
repo-force-push -> repo-push
repo-template-private -> repo-template

Fixes: https://github.com/go-gitea/gitea/issues/11889
Ref: https://github.com/primer/octicons/releases/tag/v10.0.0

* add custom sliders svg for removed octicon-settings

* apply suggestion

* fix triangles and use play on admin dashboard

* add custom mirror svg

* add missing build files

* unify custom svgs

* move to octicon-repo-clone to gitea-mirror

* use octicon-x on conflicts

* tweak timeline icons

* tweak comment buttons

* update settings icon to octicons v1

* switch to octicon-mirror and octicon-tools

* replace two wiki buttons with octicons

* remove whitespace in svg sources

* Fix filepath basename on Windows for SVG bindata (#12241)

* move octicons to devDependencies

* move back to dependencies

* move svgo to devDependencies again

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-17 18:15:12 +03:00
Tchoupinax
fd9e8951d8
fix: add type=text for user_name (password manager) (#12250)
* fix: add type=text for user_name (password manager)

* Update templates/user/auth/reset_passwd.tmpl

Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>

Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
2020-07-15 16:48:50 +03:00
silverwind
48ad76c25e
Fix repolist icons (#12228)
Fixes: https://github.com/go-gitea/gitea/issues/12226
2020-07-13 02:48:48 +03:00
silverwind
075f33c48c
Fix U2F button icon (#12167)
Previously this used a USB icon which required a separate font file used
nowhere else so replace it with a octicon and fix the background color
on arc-green too.
2020-07-07 01:37:48 +03:00
Cirno the Strongest
92a05f87f0
Use only first line of commit when creating referenced comment (#11960)
* Use only first line of commit when creating referenced comment

* Update modules/repofiles/action.go

* Display first line only on feeds too

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
2020-06-19 15:19:56 +08:00
Cirno the Strongest
8770bceafa
Fix search form button overlap (#11840)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-11 23:35:03 -04:00
l-jonas
aa3c0f8eba
Add hide activity option (#11353)
* Add hide activity option

This closes https://github.com/go-gitea/gitea/issues/7927

* Adjust for linter

* Adjust for linter

* Add tests

* Remove info that admins can view the activity

* Adjust new tests for linter

* Rename v139.go to v140.go

* Rename v140.go to v141.go

* properly indent

* gofmt

Co-authored-by: Jonas Lochmann <git@inkompetenz.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-05 16:01:53 -04:00
Cirno the Strongest
5acba4609a
Add internal-repo octicon for public repos of private org (#11529)
* Show multiple octicons on repo list

* fix mixed spaces/tabs

* Internal repo octicon

* show internal icon in dashboard repolist

* swagger

* fix icon for normal repo on repo page

* don't expose owner visibility directly; provide internal in repo api

* fix icons for forks and mirrors

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-05 14:41:06 +03:00
zeripath
3eb323901c
Fix repo-list private and total count bugs (#11500)
* Fix repo-list private and total count bugs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Ensure limited and private org public repos are displayed on "private"

Signed-off-by: Andrew Thornton <art27@cantab.net>

* switch from onlyPrivate to is_private

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Generate swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-20 22:15:30 -03:00
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf
a2d7999e93
Insert ui divider directly in templates instead of from inside heatmap vue component (#11508)
* ui: remove the divider between heatmap and feeds in the dashboard view

* this commit reverses 6ccd19ef86

Signed-off-by: surtur <a_mirre@utb.cz>

* add a divider to the default user dashboard view

* another one-line change, this time as a direct complement of
  2bfc71614c0c5470162825a21c13838e15ccf5a6 to implement a divider of
  sorts (as per 6ccd19ef86 originally)

Signed-off-by: surtur <a_mirre@utb.cz>

* removed the divider in heatmap.tmpl

* the separator is added by partial templates as needed

Signed-off-by: surtur <a_mirre@utb.cz>

* load proper dashboard template code in profile.tmpl

* as discussed in Discord
* includes a divider of its own

Signed-off-by: surtur <a_mirre@utb.cz>
2020-05-19 21:24:14 +01:00
zeripath
c86bc8e061
Add paging and archive/private repository filtering to dashboard list (#11321)
* Add archived options to SearchRepository

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add only-private search

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add filter options and paging to dashboard repository page

Signed-off-by: Andrew Thornton <art27@cantab.net>

* swagger generate

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix-swagger-again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @mrsdizzie also remember state

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-16 23:07:01 +03:00
Cirno the Strongest
1d54479585
Fix margin on attached segment headers when they are separated by other element (#11425)
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-15 21:35:22 -04:00
Sijmen Schoon
66a9ef9036
Fix ref links in issue overviews for tags (#8742)
* Properly generate ref URLs

Tags used to not generate correct URLs (src/branch/tags/1.0.0 instead of
src/tags/1.0.0).

Also cleans up some code around it with the created helper functions.

* Fix formatting and create migration

* Add copyright head to utils_test

* Use a raw query for the ref migration

* Remove semicolon

* Quote column and table names in migration SQL

* Change || to CONCAT, since MSSQL does not support ||

* Make migration engine aware

* Add missing import

* Move ref EndName and URL to the issue service

* Fix tests

* Add test for commit refs

* Update issue.go

* Use the right command for building JavaScript bundles

* Prepare for merge

* Check for refs/* before prepending in migration

* Update services/issue/issue_test.go

* Update modules/git/utils_test.go

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
2020-05-14 18:55:43 -04:00
Cirno the Strongest
5df72ef7e7
Fix svg octicon-key placement (#11410) 2020-05-14 18:59:18 +01:00
zeripath
aa29f1c2b9
Ensure search action button coalesced to adjacent input (#11385)
Fomantic-ui's action button syntax requires that the button is
the next sibling of the input it is attached to and that they
are both children of a div.action.

Fix #11375

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-12 15:08:43 -04:00
mrsdizzie
4ed7d2a2bb
Remove last traces of has-emoji class (#11263)
Now that emojify.js has been removed, get rid of all instances of has-emoji class that was only used for that. Support for rendering shortcodes should remain in all of these places so it should still work the same.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-01 20:58:45 +03:00
mrsdizzie
a2683e5ddb
Allow emoji short code in labels (#11250)
* Allow emoji short code in labels

As title, turn :alias: type short code into emojis when rendering labels to match previous behavior

* Update models/issue_label.go

Co-Authored-By: John Olheiser <john.olheiser@gmail.com>

* render text in templates not code

* remove has-emoji class

🧙‍♀️

* fix new issue form

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-04-30 09:10:15 +01:00
mrsdizzie
4563eb873d
Support unicode emojis and remove emojify.js (#11032)
* Support unicode emojis and remove emojify.js

This PR replaces all use of emojify.js and adds unicode emoji support to various areas of gitea.

This works in a few ways:

First it adds emoji parsing support into gitea itself. This allows us to

 * Render emojis from valid alias (😄)
 * Detect unicode emojis and let us put them in their own class with proper aria-labels and styling
 * Easily allow for custom "emoji"
 * Support all emoji rendering and features without javascript
 * Uses plain unicode and lets the system render in appropriate emoji font
 * Doesn't leave us relying on external sources for updates/fixes/features

That same list of emoji is also used to create a json file which replaces the part of emojify.js that populates the emoji search tribute. This file is about 35KB with GZIP turned on and I've set it to load after the page renders to not hinder page load time (and this removes loading emojify.js also)

For custom "emoji" it uses a pretty simple scheme of just looking for /emojis/img/name.png where name is something a user has put in the "allowed reactions" setting we already have. The gitea reaction that was previously hard coded into a forked copy of emojify.js is included and works as a custom reaction under this method.

The emoji data sourced here is from https://github.com/github/gemoji which is the gem library Github uses for their emoji rendering (and a data source for other sites). So we should be able to easily render any emoji and :alias: that Github can, removing any errors from migrated content. They also update it as well, so we can sync when there are new unicode emoji lists released.

I've included a slimmed down and slightly modified forked copy of https://github.com/knq/emoji to make up our own emoji module. The code is pretty straight forward and again allows us to have a lot of flexibility in what happens.

I had seen a few comments about performance in some of the other threads if we render this ourselves, but there doesn't seem to be any issue here. In a test it can parse, convert, and render 1,000 emojis inside of a large markdown table in about 100ms on my laptop (which is many more emojis than will ever be in any normal issue). This also prevents any flickering and other weirdness from using javascript to render some things while using go for others.

Not included here are image fall back URLS. I don't really think they are necessary for anything new being written in 2020. However, managing the emoji ourselves would allow us to add these as a feature later on if it seems necessary.

Fixes: https://github.com/go-gitea/gitea/issues/9182
Fixes: https://github.com/go-gitea/gitea/issues/8974
Fixes: https://github.com/go-gitea/gitea/issues/8953
Fixes: https://github.com/go-gitea/gitea/issues/6628
Fixes: https://github.com/go-gitea/gitea/issues/5130

* add new shared function emojiHTML

* don't increase emoji size in issue title

* Update templates/repo/issue/view_content/add_reaction.tmpl

Co-Authored-By: 6543 <6543@obermui.de>

* Support for emoji rendering in various templates

* Render code and review comments as they should be

* Better way to handle mail subjects

* insert unicode from tribute selection

* Add template helper for plain text when needed

* Use existing replace function I forgot about

* Don't include emoji greater than Unicode Version 12

Only include emoji and aliases in JSON

* Update build/generate-emoji.go

* Tweak regex slightly to really match everything including random invisible characters. Run tests for every emoji we have

* final updates

* code review

* code review

* hard code gitea custom emoji to match previous behavior

* Update .eslintrc

Co-Authored-By: silverwind <me@silverwind.io>

* disable preempt

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-28 15:05:39 -03:00
zeripath
b10c416f9e
Use AJAX for notifications table (#10961)
* Use AJAX for notifications table

Signed-off-by: Andrew Thornton <art27@cantab.net>

* move to separate js

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate golangci-lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add autoupdating notification count

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix wipeall

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Try hidden

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Try hide and hidden

Signed-off-by: Andrew Thornton <art27@cantab.net>

* More auto-update improvements

Only run checker on pages that have a count
Change starting checker to 10s with a back-off to 60s if there is no change

Signed-off-by: Andrew Thornton <art27@cantab.net>

* string comparison!

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @silverwind

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add configurability as per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add documentation as per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use CSRF header not query

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Further JS improvements

Fix @etzelia update notification table request
Fix @silverwind comments

Co-Authored-By: silverwind <me@silverwind.io>
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Simplify the notification count fns

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
2020-04-24 00:57:38 -03:00
zeripath
9588d2c622
Remove errant third curly brackets from account.tmpl and pull.tmpl and send account ID in account.tmpl (#11129)
* Remove errant third } from account.tmpl

Fix #11128

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove errant third curly bracket from pull.tmpl

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update templates/user/settings/account.tmpl
2020-04-19 20:31:56 +08:00
guillep2k
3d6f1731b5
Fix and simplify some tmpl conditions (#11080) 2020-04-16 16:26:24 -05:00
赵智超
ef89e75d0e
add request review from specific reviewers feature in pull request (#10756)
* add request review feature in pull request

add a way to notify specific reviewers to review like github , by add  or delet a  special type
review . The acton is  is similar to Assign ,  so many code reuse the function and items of
Assignee, but the meaning and result is different.

The Permission style is is similar to github, that only writer can add a review request from Reviewers,
but the poster can recall and remove a review request after a reviwer has revied even if he don't have
Write Premission. only manager , the poster and reviewer of a request review can remove it.

The reviewers can be requested to review contain all readers for private repo , for public, contain
all writers and watchers.

The offical Review Request will block merge if Reject can block it.

an other change: add ui otify for Assignees.

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>

Signed-off-by: a1012112796 <1012112796@qq.com>

* new change

* add placeholder string

* do some changes follow #10238 to add review requests num on lists also
change icon for review requests to eye

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-06 19:33:34 +03:00
mrsdizzie
972b3bf3b0
Split dashboard elements into separate template files (#10885)
* Split dashboard elements into separate template files

No code change just Move Heatmap and Repo list/search into separate
template files (like feeds and navbar already are). This will let a
user more easily replace dashboard.tmpl without regularly becoming
out of sync with fixes or changes to the actual code.

Fixes #10870

* End file with an empty line

Co-authored-by: zeripath <art27@cantab.net>
2020-03-30 03:49:54 -03:00
zeripath
80db44267c
Add Approval Counts to pulls list (#10238)
* Add Approval Counts to pulls list

Add simple approvals counts to pulls lists

* Remove non-official counts

* Add PR features to milestone_issues.tmpl
2020-03-06 03:44:06 +00:00
John Olheiser
afa1e1af16
Fix templates (#10596)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-03-04 08:56:53 +02:00
guillep2k
5e1438ba92
Admin page for managing user e-mail activation (#10557)
* Implement mail activation admin panel

* Add export comments

* Fix another export comment

* again...

* And again!

* Apply suggestions by @lunny

* Add UI for user activated emails

* Make new activation UI work

* Fix lint

* Prevent admin from self-deactivate; add modal

Co-authored-by: zeripath <art27@cantab.net>
2020-03-02 15:25:36 -03:00
Brad Albright
82be59e633
issue search on my related repositories (#9758)
* adding search capability to user's issues dashboard

* global issue search

* placement of search bar on issues dashboard

* fixed some bugs in the issue dashboard search

* added unit test because IssueIDs option was added to UserIssueStatsOptions

* some renaming of fields in the issue dashboard code to be more clear; also trying to fix issue of searching the right repos based on the filter

* added unit test fro GetRepoIDsForIssuesOptions; fixed search lost on pagination; using shown issue status for open/close count; removed some debugging

* fix issue with all count showing incorrectly

* removed todo comment left in by mistake

* typo pulling wrong count

* fxied all count being off when selecting repositories

* setting the opts.IsClosed after pulling repos to search, this is done so that the list of repo ids to serach for the keyword is not limited, we need to get all the issue ids for the shown issue stats

* added "accessibleRepositoryCondition" check on the query to pull the repo ids to search for issues, this is an added protection to ensure we don't search repos the user does not have access to

* added code so that in the issues search, we won't use an in clause of issues ids that goes over 1000

* fixed unit test

* using 950 as the limit for issue search, removed unneeded group by in GetRepoIDsForIssuesOptions, showing search on pulls dashboard page too (not just issues)

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-29 03:52:05 -03:00
John Olheiser
15fbf509d3
Org action fixes and form cleanup (#10512)
* More org fixes

* Move form action query to inputs

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-27 16:00:13 -06:00
John Olheiser
c161bb013e
Change action GETs to POST (#10462)
* Change action GETs to POST

* submite = submit + smite

* No more # href

* Fix test

* Match other tests

* Explicit csrf

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-25 14:28:47 -06:00
Philipp A. Beckmann
bab6e1ed87
Fixed wrong AppSubUrl in multiple templates (#10447)
* Fixed wrong AppSubUrl in OAuth2 app edit page

* Replaced all other occurrences of $.AppSubURL for support of sub-paths
2020-02-25 09:58:37 -06:00
John Olheiser
d3f618362a
Fix JS and Vue (#10328)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-18 08:07:57 +02:00
John Olheiser
86fdba177a
Add Octicon SVG spritemap (#10107)
* Add octicon SVG sprite

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Static prefix

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* SVG for all repo icons

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* make vendor

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Swap out octicons

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move octicons to top of less imports

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix JS

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Definitely not a search/replace

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Missed regex

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move to more generic calls and webpack

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* make svg -> make webpack

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove svg-sprite

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Missed a test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove svg from makefile

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Suggestions

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Attempt to fix test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert timetracking test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Swap .octicon for .svg in less

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add aria-hidden

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Replace mega-octicon

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix webpack globbing on Windows

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert

Co-Authored-By: silverwind <me@silverwind.io>

* Fix octions from upstream

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix Vue and missed JS function

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add JS helper and PWA

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Preload SVG

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
2020-02-11 12:02:41 -05:00
zeripath
9789e0ad53
Only show conflicted files if not merged (#10197)
* Only show conflicted files if not merged

* try again

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
2020-02-09 21:53:41 -05:00
Lauris BH
fe00886bef
Fix followers and following tabs in profile (#10202) 2020-02-09 22:18:01 +02:00
James Lakin
6e6da2c276
Tweak locale to respect singular conflicting file message in P… (#10177)
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-02-07 17:38:18 +01:00
guillep2k
727fc42db7
Fix issue/pull link (#10158) 2020-02-06 13:12:15 -05:00
James Lakin
3ff95cef60
Show if a PR has conflicting files on the PR lists (#10130)
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-04 00:14:38 +02:00
silverwind
c640a1818a add explicit dimensions to navbar avatar (#9986)
* add explicit dimensions to navbar avatar

this prevents a temporary layout change when navigating between
pages with cache disabled.

* also add dimensions on frontpage

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-26 18:13:38 +02:00
zeripath
92d6bca41e
Ensure that 2fa is checked on reset-password (#9857)
* Ensure that 2fa is checked on reset-password

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Properly manage scratch_code regeneration

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-19 20:17:12 +00:00
Lunny Xiao
b641c68fee Improve notification pager (#9821)
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-01-17 19:31:26 +01:00
John Olheiser
cd5a44d973 Fix milestones page (#9770)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-01-14 22:57:13 +01:00
mrsdizzie
1df701fd1a Add ActionCommentPull action (#9456)
* Add ActionCommentPull action

Adds ActionCommentPull action to distinguish between a comment on an
issue and on a pull request

* Update modules/notification/action/action.go

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2019-12-22 08:29:26 +00:00
techknowlogick
590d56dbb3
switch to fomantic-ui (#9374) 2019-12-17 16:34:11 -05:00
Brad Albright
f6b29012e0 Add /milestones endpoint (#8733)
Create a /milestones endpoint which basically serves as a dashboard view for milestones, very similar to the /issues or /pulls page.

Closes #8232
2019-12-15 14:20:08 +00:00
jaqra
8875586570 Change some label colors (#9051)
* Change label colors

* Override black basic label background for green theme on label list
2019-12-03 20:39:58 -05:00
John Olheiser
23ef9ff516 Remove empty lines (#9232)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-12-03 08:33:25 +08:00
6543
66028d58f9 [UI] IssuePage multi repo select (#8741)
* Make repository list @ issues/PR page persist

Will partially fix #6355

* Enable multiple selections in repo list @ issues/PR page

Part of issue #6355

* Add RepoIDs to UserIssueStatsOptions to make "type" count correct when selecting one/multiple repos.
* Replace variable "repo" with list "repos[]" and enable multiple selections of repositories from list by including/excluding RepoIDs in list.
*

* Remove redundant code

* Add 'All' button 

Improves functionality of the page, so that backtracking is not necessary to reset the page

* Remove redundant variable

Completely replace 'RepoID' with 'RepoIDs' and remove redundant code

* Add RepoIDs to label link

* Revert part of code to previous version to troubleshoot build failure

* Implement old and new pieces of code whilst adhering to multi select

* Attempt to join the two versions

Last commit passed tests but doesn't work in practice, this works in practice and hopefully passes the tests.

* Update tests to desired state

* Fix pagination implementation and tests

* Pass repoIDs as `repos=[1,2,3...]` instead of several `repos[]=..`
* Update tests file to reflect new functionality
* Update template with new `repos` format
* Implement new solution to show constant "total issues" count for "All" button

* Correct behavior when passing zero to array

* Comment out test url returning 404

This keeps returning 404 in the test despite working in practice, for the sake of running more tests I am commenting it out

* Comment out another test url returning 404

Last attempt, if more tests crash I will uncomment the urls and request assistance.

* Reenable tests and test fix

* Re-enable tests
* Make selecting "In your repositories" reset selection as passing IDs of repos belonging to other profiles causes breakage
* Remove unnecessary (with multi-selection enable) code

* Drop repo from repo map and total count if permission denied

* Remove extra parenthesis

* make template work again

* find bug!

* forgot the '#' at bugfixing

* delete unused RepoID

* compile regex only one time

* make fmt

* local variable = capital letter lower

* check if repos query pattern is correct

* pagination remove last , - make regex work again

* use Replace instead of ReplaceAll; del delete

* fix test

* how did this test binary got in?!?
dont forgot the "-p" at git add * !

* dont replace -> cut fisrt & last string

Co-Authored-By: zeripath <art27@cantab.net>

* jet another regex

dont mind as long as it has the same result and is performatn ...

Co-Authored-By: zeripath <art27@cantab.net>

* dont use nonexisting repo for test

* exclude /issues?type=created_by from test

* add table to querys
use same syntax in each query (table.colum)

* add new issue for test

* dont make a workaround or something else
this need a refactor itself and is out of scope for this PR

* fix misspell

* CI.redo()

* englisch txt update

Co-Authored-By: zeripath <art27@cantab.net>

* add sugestions

* Tweak & Fix

* CI.restart()
2019-12-01 22:50:36 -05:00
Benno
e8241bf55e update #9066 Always show Password field on link account sign in page (#9147) 2019-11-24 15:17:53 -05:00
QuaSoft
7b4d2f7a2a Add single sign-on support via SSPI on Windows (#8463)
* Add single sign-on support via SSPI on Windows

* Ensure plugins implement interface

* Ensure plugins implement interface

* Move functions used only by the SSPI auth method to sspi_windows.go

* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected

* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.

* Update documentation for the new 'SPNEGO with SSPI' login source

* Mention in documentation that ROOT_URL should contain the FQDN of the server

* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)

* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)

* Add option in SSPIConfig for removing of domains from logon names

* Update helper text for StripDomainNames option

* Make sure handleSignIn() is called after a new user object is created by SSPI auth method

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates

* Remove code duplication

* Log errors in ActiveLoginSources

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert suffix of randomly generated E-mails for Reverse proxy authentication

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert unneeded white-space change in template

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add copyright comments at the top of new files

* Use loopback name for randomly generated emails

* Add locale tag for the SSPISeparatorReplacement field with proper casing

* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields

* Update docs/content/doc/features/authentication.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Remove Priority() method and define the order in which SSO auth methods should be executed in one place

* Log authenticated username only if it's not empty

* Rephrase helper text for automatic creation of users

* Return error if more than one active SSPI auth source is found

* Change newUser() function to return error, letting caller log/handle the error

* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed

* Refactor initialization of the list containing SSO auth methods

* Validate SSPI settings on POST

* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page

* Make 'Default language' in SSPI config empty, unless changed by admin

* Show error if admin tries to add a second authentication source of type SSPI

* Simplify declaration of global variable

* Rebuild gitgraph.js on Linux

* Make sure config values containing only whitespace are not accepted
2019-11-23 01:33:31 +02:00
John Olheiser
06a8504c78 Update dashboard context for PR reviews (#8995)
* Update dashboard context for PR reviews

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update options/locale/locale_en-US.ini

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Only append head action if it has content or is approval/rejection

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update options/locale/locale_en-US.ini

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
2019-11-15 00:52:18 +01:00
Lunny Xiao
afe50873a5 Move index.js to web_src and use webpack to pack them (#8598)
* Move index.js to web_src and use webpack

* Fix initHeatMap

* update eslint and move webpack to devDependencies

* update index.js

* add eslint env node
2019-11-13 15:52:13 +01:00
Lunny Xiao
bb6879d339
Improve notification (#8835)
* Improve notifications

* batch load user

* Update notification only when read

* Fix reorder

* fix lint

* fix test

* fix lint

* make function meaningful

* fix comment
2019-11-12 16:33:34 +08:00
mrsdizzie
b747501337 Show due date in dashboard issues list (#8860)
* Show due date in dashboard issues list

Include due date when vieiwiing all issues on dashboard (matching what
we show for repo issue lists).

Fixes #8859

* Put in same order as repo issue list

* Add suggested changes and also update repo issue list to match
2019-11-07 21:12:23 +01:00
zeripath
c84174b764
Use AppSubUrl for more redirections (#8647)
Fix #8461 - fix misspelling of {{AppSubUrl}} and other misspelling in template
Fixes /explore and organisation redirection
2019-10-23 22:04:22 +01:00
guillep2k
eb8975dcce Add nofollow to sign in links (#8509) 2019-10-14 18:43:48 +01:00
jaqra
1a2d7207ea Make 100% width issues page left menu and add reponame as title attribute (#8359) 2019-10-04 09:18:46 +02:00
Elias Norberg
8a45070f62 Fix pull request commit status in user dashboard list (#8321) 2019-09-30 12:16:29 +03:00
jaqra
28362195a0 Add 'Mentioning you' group to /issues page (#8201) 2019-09-18 10:24:44 +03:00
jaqra
d0ad47bd5d apply emoji on dashboard issue list labels (#8156) 2019-09-12 13:00:55 +03:00
jaqra
59b194f4d1 Move ref (branch or tag) location on issue list page (#8157)
* Move ref (branch or tag) location on issue list page

* Make looks better

* move branch label also on milestone/{id} page

* [/issues page] Add milestone, Add Ref, Fix Assignees

* [repo issues page] reorder tasks, milestone and ref
2019-09-12 12:31:36 +03:00
Gary Kim
f1c414882c Add Ability for User to Customize Email Notification Frequency (#7813)
* Add Backend Logic for Toggling Email Notification

This commit adds the backend logic for
allowing users to enable or disable email
notifications. The implementation ensures
that only issue notification emails get disabled
and important emails are still sent regardless
of the setting.

The UI to toggle this setting has not yet been
implemented.

* Add UI and complete user email notification enable

This commit completes the functionality to allow
users to disable their own email notifications.

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Third Option for Only Email on Mention

Signed-off-by: Gary Kim <gary@garykim.dev>

* Readd NOT NULL to new preference string

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Tests and Rewrite Comment

Signed-off-by: Gary Kim <gary@garykim.dev>

* Allow admin to set default email frequency

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add new config option to docs

Signed-off-by: Gary Kim <gary@garykim.dev>

* Fix a few mistakes

Signed-off-by: Gary Kim <gary@garykim.dev>

* Only update required columns

Signed-off-by: Gary Kim <gary@garykim.dev>

* Simplify an error check

Signed-off-by: Gary Kim <gary@garykim.dev>

* Make email_notification_preference column in DB be VARCHAR(20)

Signed-off-by: Gary Kim <gary@garykim.dev>

* Handle errors

Signed-off-by: Gary Kim <gary@garykim.dev>

* Update models/migrations/v93.go

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-29 17:05:42 +03:00
Antoine GIRARD
7ffa3fcfa0 gpg/bugfix: Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7846)
* Use .ExpiredUnix.IsZero for display green color of gpg key

* remove useless parentheses
2019-08-14 09:39:44 +08:00
mrsdizzie
1f1ecda541 Display original author and URL information when showing migrated issues/comments (#7352)
* Store original author info for migrated issues and comments

Keep original author name for displaying in Gitea interface and also
store original author user ID for potential future use in linking
accounts from old location.

* Add original_url for repo

Store the original URL for a migrated repo

Clean up migrations/tests

* fix migration

* fix golangci-lint

* make 'make revive' happy also

* Modify templates to use OriginalAuthor if set

Use the original author name in templates if it is set rather than the
user who migrated/currently owns the issues

* formatting fixes

* make generate-swagger

* Use default avatar for imported comments

* Remove no longer used IgnoreIssueAuthor option

* Add OriginalAuthorID to swagger also
2019-07-08 10:14:12 +08:00
AJ ONeal
62d6127f1b Make captcha and password optional for external accounts (#6606) 2019-07-06 15:48:02 -04:00
Cherrg
9c6af9d2bb wrap long texts on user profile info (#7333)
fix #7255

discussed in PR #7254

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-06-30 21:56:26 -04:00
kolaente
f9ec2f89f2 Add golangci (#6418) 2019-06-12 15:41:28 -04:00
Xaver Maierhofer
597ac064c3 Style orgs list in user profile (#6911) 2019-05-13 23:52:58 +03:00
Wim
4508380cf7 Show full name if DefaultShowFullName setting activated (#6710)
Adds a new key DEFAULT_SHOW_FULL_NAME (default false) to the [ui] section.
If enabled the full name will be shown (unless it's empty, then
the default username will be used)
2019-05-08 11:41:35 +03:00
Mario Lubenka
fcbac38d6f Unifies pagination template usage (#6531) (#6533) 2019-04-20 00:15:19 -04:00
AJ ONeal
6dbd261852 UX + Security current user password reset (#5042)
* allow current user to reset their own password

* handle reset password edge cases properly and consistently

* remove dangling assignment

* properly label account recovery instead of reset password

* remove 'Click here' from button

* update English-only account-recovery templates
2019-04-18 10:23:59 +03:00
zeripath
bdbbd816fc Add more title attributes on shortened names (#6647) 2019-04-17 10:49:56 -04:00
Jonas Franz
7a4c29c739 OAuth2 Grant UI (#6625)
* Add oauth2 grants ui

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add delete functionality
Add translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Refactor DeleteOAuth2Grant
Use results.Close()

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Refactor DeleteOAuth2Grant (again)

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if user ID is zero

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if grant ID is zero

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-17 16:18:16 +08:00
Elias Norberg
bf5af87eef Show last commit status in pull request lists (#6465) 2019-04-02 15:54:29 -04:00
BetaCat
2e1ead8054 fix: avoid multi-clicks when perform oauth2 login (#6467) 2019-03-31 19:58:53 +08:00
oscar.lofwenhamn
2019983e77 Make "Ghost" not link to 404 page (#6410)
* Make Ghost not link to 404 page

* Make correct localization label show

* Create and use GetLastEventLabelFake for when a Ghost user has made the action, thus not linking to a user profile
* Add corresponding _fake entries to locale_en-US

* Make Ghost avatar not link to 404 page

* Make Ghost on milestone_issues not link to 404 page
2019-03-27 18:22:39 -04:00
techknowlogick
d1c982cb73
Add bio field for user (#6113)
Fix #4339
2019-03-18 22:28:10 -04:00
Jonas Franz
8fffb06168
Add regenerate secret feature for oauth2 (#6291)
* Add regenerate secret functionality

* Fix lint
2019-03-09 17:29:58 +01:00
Jonas Franz
e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
stevegt
b257e0456b Add ability to sort issues by due date (#6206) (#6244)
Signed-off-by: Steve Traugott <stevegt@t7a.org>
2019-03-05 09:39:41 -05:00
Muhammed TİFTİKÇİ
4512634604 Make organization dropdown scrollable when using mouse wheel (#5988)
* Fix #5580
2019-03-04 22:13:51 -05:00
Lanre Adelowo
094263db4d Show email if the authenticated user owns the profile page being requested for (#4981)
* Show email if the authenticated user owns the profile page being
requested for.

Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page

* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called

* fix panic in tests

* try to fix tests

* Update year

* Test CI fail

* Revert change

* User 3 is not allowed to authorize

* Set user2 email to be private

* Change to user4 in explore page as user2 now has private email option set
2019-02-19 09:11:50 -05:00
Rémy Boulanouar
64ce159a6e Allow to set organization visibility (public, internal, private) (#1763) 2019-02-18 18:00:27 +02:00
zeripath
c0adb5ea8b
Create repository on organisation by default on its dashboard (#6026)
* Create repository on organisation by default on its dashboard
* Only show owners the add new repositories to an organisation button.

Fix #3253

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-10 13:30:25 +00:00
silverwind
681345dc99 UI: Make dashboard navbar and footer full-width (#6013)
* UI: Make dashboard navbar full-width

* more tweaks: full-width footer and consistent padding

* fix page layout causing unneccesary scrollbars on small pages
2019-02-09 15:07:38 +00:00
silverwind
0c721fe016 UI: Dashboard tweaks (#5974)
- Don't show divider below heatmap when it's hidden via media-query
- Make divider between user menu adhere to container width
- Remove excessiv margins on heatmap
2019-02-06 07:09:13 +00:00
silverwind
af22df8314 UI: Better support for long repo names (#5932)
* UI: Make long repo names wrap less often

* also adjust news feed column widths
2019-02-02 14:44:33 +02:00
kolaente
0b510725c9 Feature: Archive repos (#5009) 2019-01-23 13:58:38 -05:00
Lanre Adelowo
8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
koyu
8b864a328e Allow link verification for services like Mastodon (#5481) 2018-12-06 22:15:48 +02:00
Lauris BH
e09fe48773 Refactor heatmap to vue component (#5401) 2018-11-27 10:36:54 +01:00
AJ ONeal
b8451190d8 UX of link account (Step 1) (#5006)
* Show either sign up OR sign in

* disambiguate fresh start from adding recovery options

* use tabs to switch between account link flows

* add active to tab body as well

* changes as per discussion

* handle specific error; fix missing err typo
2018-10-28 18:46:16 -04:00
Rodrigo Villablanca Vásquez
48badd59e9 Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* Fix to 3819

* Changes suggested

* Empty line removed

* Fix error: non-name opts.Labels on left side of :=
2018-10-28 07:55:01 +01:00
kolaente
6759237eda User action heatmap (#5131)
* Added basic heatmap data

* Added extra case for sqlite

* Built basic heatmap into user profile

* Get contribution data from api & styling

* Fixed lint & added extra group by statements for all database types

* generated swagger spec

* generated swagger spec

* generated swagger spec

* fixed swagger spec

* fmt

* Added tests

* Added setting to enable/disable user heatmap

* Added locale for loading text

* Removed UseTiDB

* Updated librejs & moment.js

* Fixed import order

* Fixed heatmap in postgresql

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: kolaente <konrad@kola-entertainments.de>

* Added copyright header

* Fixed a bug to show the heatmap for the actual user instead of the currently logged in

* Added integration test for heatmaps

* Added a heatmap on the dashboard

* Fixed timestamp parsing

* Hide heatmap on mobile

* optimized postgresql group by query

* Improved sqlite group by statement
2018-10-23 10:57:42 +08:00
SagePtr
378af8ea88 Fix missing AppSubUrl in few more templates (#5021) 2018-10-05 19:41:09 -04:00
nubenum
756eafaaf6 Fix some issues with special chars in branch names (#3767)
Signed-off-by: Robin Durner <github@nubenum.de>
2018-09-17 01:28:23 +03:00
Lanre Adelowo
126ba796dc Force user to change password (#4489)
* redirect to login page after successfully activating account

* force users to change password if account was created by an admin

* force users to change password if account was created by an admin

* fixed build

* fixed build

* fix pending issues with translation and wrong routes

* make sure path check is safe

* remove unneccessary newline

* make sure users that don't have to view the form get redirected

* move route to use /settings prefix so as to make sure unauthenticated users can't view the page

* update as per @lafriks review

* add necessary comment

* remove unrelated changes

* support redirecting to location the user actually want to go to before being forced to change his/her password

* run make fmt

* added tests

* improve assertions

* add assertion

* fix copyright year

Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
2018-09-13 15:04:25 +03:00
Lauris BH
fa4663e61e Add push webhook support for mirrored repositories (#4127) 2018-09-06 22:06:09 -04:00
SagePtr
a4fa6bbc89 Hide org/create menu item in Dashboard if user has no rights (#4678) (#4680) 2018-08-12 20:16:10 +03:00
Guido Diepen
7c943b1cad Implemented hover text showing user FullName (#4261)
For each action that is displayed in either the public activity overview
of a user, or in the dashboard overview, the link to the username is now
extended with a title attribute to show the FullName as hover text

Signed-off-by: Guido Diepen <site-github@guidodiepen.nl>
2018-07-05 19:48:18 +02:00
Fluf
f035dcd4f2 Add Recaptcha functionality to Gitea (#4044) 2018-07-05 00:13:05 -04:00
cezar97
51ba3df5ff Add noreferrer to rel='noopener` for <a> tags (#4328) 2018-07-03 19:52:36 -04:00
Alexey Terentyev
b908ac9fab Added repository search ordered by stars or forks. Forks column in admin repo list. (#3969)
* Added repository search order by stars or forks.
Added Forks column to admin repository list.

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Renamed search repo template

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2018-05-24 09:03:42 +08:00
Jonas Franz
951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
David Schneiderbauer
0857e289d5 fix links to prevent 404 after e.g. submitting a faulty form (#3982) 2018-05-18 21:02:04 -04:00
David Schneiderbauer
80d1998981 add missing token validation and fix missing alert on application settings page (#3976) 2018-05-16 22:18:13 +08:00
David Schneiderbauer
e45331d6d2 add user language value to hidden input to enable saving of profile without changing language (#3967) 2018-05-15 17:14:40 +03:00
David Schneiderbauer
099372d76c Refactor User Settings (#3900)
* moved avatar to profile page

* combined password change, email and account deletion into account settings page

* combined totp, access tokens, linked accounts and openid into security settings page

* move access tokens to applications settings page

* small change to restart drone build

* fix change avatar url on profile page

* redirect old settings urls to new ones

* enforce only one autofocus attribute on settings pages

* set correct redirect status code

* fmt fix
2018-05-15 13:07:32 +03:00
kolaente
1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00
Morgan Bazalgette
fb8535e305 Make Generate New Token panel shown by default (#3832)
This is mostly a 'feel' change. The behaviour that is currently on the
access tokens pages is, as far as I know, not present in any other parts
of the frontend, and there's no real good reason to keep the 'Generate
New Token' panel hidden by default in my opinion.
2018-04-29 22:34:59 +03:00
Jonas Franz
8d5f58d834 Shows total tracked time in issue and milestone list (#3341)
* Show total tracked time in issue and milestone list
Show total tracked time at issue page

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Optimizing TotalTimes by using SumInt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixing wrong total times for milestones caused by a missing JOIN
Adding unit tests for total times

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Logging error instead of ignoring it

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Correcting spelling mistakes

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change error message to a short version

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add error handling to TotalTimes
Add variable for totalTimes

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Introduce TotalTrackedTimes as variable of issue
Load TotalTrackedTimes by loading attributes of IssueList
Load TotalTrackedTimes by loading attributes of single issue
Add Sec2Time as helper to use it in templates

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixed test + gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Load TotalTrackedTimes via MilestoneList instead of single requests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change comment from SQL query to description

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if timetracker is enabled

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test by enabling timetracking

Signed-off-by: Jonas Franz <info@jonasfranz.de>
2018-04-29 13:58:47 +08:00
Rodrigo Villablanca Vásquez
f6013d5098 Some small template fixes (#3820) 2018-04-20 08:25:15 +08:00
Gerben
2dc6f15eca Don't warn users about *every* dirty form (#3707)
The choice regarding which forms should or should not trigger a warning
is subjective. I tried to be consistent and not warn about forms that:
 - run an action, rather than edit data: search, send an email.
 - delete data: a warning about losing data would be confusing

Note that forms on sign-in pages were already ignored (using a selector,
rather than an explicit class on the form element).

Fixes #3698.
2018-03-23 22:10:42 +08:00
Lauris BH
c0d41b1b77 Add label descriptions (#3662)
* Add label descriptions

* Add default descriptions to label template
2018-03-13 10:03:55 +08:00
Lunny Xiao
769ab1e424 fix gpg expired bug when time is zero (#3584) 2018-02-26 12:25:45 +02:00
modmew8
ffd0062438 Fix checklist padding (#3460)
* Changed style of checklist in issuelist.

* Adjusted padding for progressbar, updated index.css.

* Fixed another wrong tab to spaces.

Signed-off-by: modmew8 <modmew8@gmail.com>
2018-02-06 12:22:31 +02:00
Lauris BH
f9a5cc4d8e
Use correct transaltion key for delete email button (#3422) 2018-01-31 00:31:06 +02:00
modmew8
d996da6bab Added progressbar for issues (#1146). (#3171)
* Added progressbar for issues (#1146).

* Updated the generated index.css.

Signed-off-by: modmew8 <modmew8@gmail.com>

* Removed stored progress percentage and changed it to css calc. Also added the issue task progress to the user/dashboard/issues.

Signed-off-by: modmew8 <modmew8@gmail.com>

* Removed unnecessary blanks.

Signed-off-by: modmew8 <modmew8@gmail.com>

* Formatted the files correctly, fmt-check terminates now without errors.

Signed-off-by: modmew8 <modmew8@gmail.com>

* Removed variables, made computing the tasks on demand with precompiled regexp.

Signed-off-by: modmew8 <modmew8@gmail.com>
2018-01-03 02:34:13 -06:00
Morgan Bazalgette
3d3faa2624 Responsive view (#2750)
* Viewport meta tag

* responsive: dashboard

* responsive: issues page

* responsive: Explore page

* responsive: navbar, and some navbar css refactoring

* responsive: button for collapsing navbar in mobile view

* Mark the hamburger button as active when pressed

* better homepage for responsive views

* Bring back jump class in navbar

The class was necessary, because this way the
dropdown doesn't assume the contents of the
selected item.

* make repository homes responsive

* Make file view page responsive

* Make forms look good on responsive views

* make commits and commit diff view responsive

* issues and PRs

* responsive wiki

* Don't place auto-init far off the page

* Minor changes to amend broken stuff

minor improvements

- make login/sign up in navbar stackable
- make navbar in explore and sign in not stackable

Change selected class in TestPullCompare

Fix typo that happened when rebasing

fix dashboard on org view

improve profile UI

Use clearing on file diff to fix broken UI caused by floating elements

remove unresolved merge conflict, and | Sanitize

Fix repo home not loading
2017-12-30 18:47:52 -06:00
Chris Woodward
5332052019 Fixed missing end tag for organization link (#3229) 2017-12-19 09:47:30 +02:00
Lunny Xiao
3b525d5696
fix gpg tmpl (#3153) 2017-12-11 22:07:25 +08:00
Lunny Xiao
f2e20c81b6 Refactor struct's time to remove unnecessary memory usage (#3142)
* refactor struct's time to remove unnecessary memory usage

* use AsTimePtr simple code

* fix tests

* fix time compare

* fix template on gpg

* use AddDuration instead of Add
2017-12-11 06:37:04 +02:00
Sasha Varlamov
7ec6cddd27 Add 'mark all read' option to notifications (#3097)
* Add 'mark all read' option to notifications

Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>

* Fix exported comment

Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>

* Format method comments

Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>

* Fix exported comment

Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>

Format method comments

Signed-off-by: Sasha Varlamov <sasha@sashavarlamov.com>

Tests for reactions (#3083)

* Unit tests for reactions

* Fix import order

Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>

Fix reaction possition when there is attachments (#3099)

Refactor notifications swap function

* Accept change to drop beforeupdate call

* Update purge notifications error message for consistency

* Drop unnecessary check for mark all as read button

* Remove debugging comment
2017-12-07 13:52:57 +08:00
Ethan Koenig
ab62da283a Fix avatar URLs (#3069)
* Fix avatar URLs

* import order
2017-12-03 19:55:13 +08:00
silverwind
4947cfb7b0 Remove box-shadow from UI, fix dashboard issue (#3065) 2017-12-03 01:16:35 +02:00
Ethan Koenig
ea78a6db57 Spaces to tabs in templates (#2953) 2017-11-21 13:43:00 +08:00
Michael Kuhn
420fc8efc2 Disable add key button if SSH is disabled (#2873) 2017-11-21 11:49:33 +08:00
Shaun
4725f91543 Fix inconsistencies in user settings ui (#2901) 2017-11-13 09:21:41 +02:00
Morlinest
25acd6c822 Use custom search for each filter type in dashboard (#2343)
* Do custom search for each filter in repo-search

* Fix search url

* Simplify code

* Remove loader and reset counts when changing filter
2017-11-01 21:39:05 +02:00
Patrick G
30afce1523 Fix tabs according to semantic-ui docs (#2733) 2017-10-18 21:18:31 +03:00
Lunny Xiao
9e865cee67 Merge password and 2fa page on user settings (#2695)
* merge password and 2fa page on user settings
2017-10-16 11:14:12 +02:00
Kazuki Sawada
fcca037576 hide navbar when only 1 sign-in method is available (#2648) 2017-10-04 19:57:00 +03:00
David Schneiderbauer
1eedd983ea Complete push webhooks (#2530)
* implemented missing 'delete' push webhooks

moreover created ActionDeleteBranch and ActionDeleteTag

* add CommitRepoAction tests for tag/branch creation/deletion

* fixed error where push webhook not called if is new branch or tag
removed unnecessary code

* moved prepare unit test environment into separate method to be used across unit tests

* add missing if clause in pushUpdate

Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
2017-09-21 10:43:26 +03:00
Rémy Boulanouar
e5d80b7090 Implementation of all repositories of a user from user->settings (#1740)
* Implementation of all repositories of a user from user->settings

* Update message when no repository found

* Update according to comments

* Change UI to have a better look

* improved user repositories UI
2017-09-14 14:46:14 +03:00
Lunny Xiao
9413b48a0b fix bug on create repo link on dashboard (#2359) 2017-08-23 12:08:20 +08:00
Morlinest
7455604f0c Remove (almost) server side data rendering from repo-search component (#2317)
* Rename some shorthands

* Remove (almost) server side data rendering from repo-search component template
2017-08-22 21:00:34 +08:00
Morlinest
53e6c947f1 Fix order of elements in dashboard html (#2344) 2017-08-20 22:48:41 +03:00
Morlinest
4c13a8458b Fix repo-search template errors for go1.7 (#2336) 2017-08-19 09:37:48 +08:00
Morlinest
f3486360d2 Make use of Vue more universal (#2318) 2017-08-17 19:04:39 +03:00
Michael Kuhn
934dd41fa6 Make SHOW_USER_EMAIL also apply to profiles (#2258)
The e-mail address is currently only hidden from the explore page.
2017-08-17 17:08:03 +08:00
Morlinest
951fb572a7 Fix and improve dashboard repo UI (#2285)
* Fix and improve dashboard repo UI

* Change order of scripts loading

* Remove "mirror" tab

* Remove single tab panel for "org user"

* Add localization strings

* Create vue component and change event for search

* Add "mirrors" filter
2017-08-17 09:31:34 +08:00
Ethan Koenig
7e0654bd9e Fix counts on issues dashboard (#2215)
* Fix counts on issues dashboard

* setupSess -> setupSession

* Unit test

* Load repo owners for issues
2017-08-03 13:09:16 +08:00
Lauris BH
047a67a90b Refactor vue delimeters to use es6 template delimeters (#2171) 2017-07-15 22:22:26 +08:00
Jonas Franz
441986a473 Fix "Dashboard shows deleted comments" (#1995) 2017-06-25 20:20:29 +02:00
Patrick G
bf187304dc Fix wording (#2024)
* Fix wording

* Update locale_en-US.ini

* Update keys_gpg.tmpl
2017-06-24 01:37:03 -05:00
Ethan Koenig
cbdd5f787c Center-aligned login topbar (#1880)
* Center-aligned login topbar

* Center-align OpenID login
2017-06-06 15:05:06 +08:00
Rémy Boulanouar
62f600cf1c Display all organization from user settings (#1739)
* Display all organization from user settings

* fix Tab selection

* Update locale_en-US.ini

* Add a condition for display Create organization button

* Remove french translation

* Remove unnecessary admin flag
2017-06-02 03:43:44 -05:00
Jonas Östanbäck
b93568cce4 xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
* xxx_active_code_live setting in printed in hours and minutes instead of just hours

* Update app.ini description of xxx_code_lives settings
2017-05-29 02:35:47 -05:00
Andrey Nering
e67ece26f0 Merge pull request #1750 from andreynering/dashboard-search-org-repos
More fixes for dashboard search
2017-05-27 17:40:09 -03:00
Ethan Koenig
bafd778c25 Fix invalid reference in feeds template (#1820)
* Fix invalid reference in feeds template

* Comment for GetActAvatar

* Add integration test
2017-05-27 11:34:11 +08:00
Patrick G
cc2071c3fd Make side nav on dashboard stackable (#1778) 2017-05-23 15:58:43 +08:00
Andrey Nering
c746875fcf Remove colaborative repo panel 2017-05-18 11:16:04 -03:00
Patrick G
03d6bab643 Change two factor code entry box from text to number (#1733) 2017-05-16 15:30:20 +08:00
Jonas Östanbäck
e214728725 Add new text for reset password flash (#1718)
* Forgot password should use ResetPwdCodeLives, not ActiveCodeLives
 * Improve documentation for different send mail functions related to password reset
 * Improve documentation in conf/app.ini regarding xxx_CODE_LIVE_MINUTES settings
2017-05-14 10:38:30 +08:00
Jun Hsieh ♞
2cf80f4b18 Hide the create organization button (in dashboard/organization section) (#1705)
when the user has no such permission.
2017-05-12 15:10:25 +08:00
Andrey Nering
ab79069dc7 Improve dashboard repo search (#1652)
* Add VueJS

* Improve dashboard search

* Fix tab switching

* Fix input autofocus
2017-05-09 08:31:30 +08:00
Willem van Dreumel
950f2e2074 Additional OAuth2 providers (#1010)
* add google+

* sort signin oauth2 providers based on the name so order is always the same

* update auth tip for google+

* add gitlab provider

* add bitbucket provider (and some go fmt)

* add twitter provider

* add facebook provider

* add dropbox provider

* add openid connect provider incl. new format of tips section in "Add New Source"

* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)

* imports according to goimport and code style

* make it possible to set custom urls to gitlab and github provider (only these could have a different host)

* split up oauth2 into multiple files

* small typo in comment

* fix indention

* fix indentation

* fix new line before external import

* fix layout of signin part

* update "broken" dependency
2017-05-01 21:26:53 +08:00
Antoine GIRARD
431b26f6d7 Handle display of GPG key without end date (#1628) 2017-04-28 08:44:58 +08:00
Lunny Xiao
6853bf323a fix #1521 (#1621) 2017-04-27 20:15:56 +08:00
Antoine GIRARD
8371f94d06 Rework SSH key management UI to add GPG (#1293)
* Rework SSH key management UI to add GPG

* Add more detail to gpg key display

* Update CHANGELOG.md

* Implement deletion UI

* Implement adding gpg UI

* Various fixes

- Fix duplicate entry in locale
- Re-generate hash before verification since they are consumed

* Add missing translation

* Split template

* Catch not found/verified email error
2017-04-26 21:10:43 +08:00
Jonas
e0df611cbc Autofocus on 2fa passcode fields (#1460)
* Autofocus on 2fa passcode field

* Autofocus on 2fa scratch code field
2017-04-07 06:07:37 -07:00
Antoine GIRARD
912b340d0d Simplify settings pages with item list (#1389)
* Remove point column on ssh key setting page

* Remove un-used css

* Some cleaning

* Use octicon-key
2017-03-30 09:02:37 +08:00
Jonas
bbbd08edc1 Changed text when password reset disabled. (#1364)
Fixes #1340
2017-03-22 22:29:29 +08:00
Sandro Santilli
15f5d8e794 Reduce conditionals in signin/signup inner forms
by always using SignInLink and SignUpLink in the form action
2017-03-20 09:40:42 +01:00
Sandro Santilli
9182a35f18 Show user OpenID URIs in their profile (#1314) 2017-03-20 09:31:08 +01:00
Sandro Santilli
97ee88975a Add captcha support to OpenID based signup 2017-03-20 08:58:00 +01:00
Sandro Santilli
430cc4f42a Use readonly input form to show the validated OpenID URI (#1308) 2017-03-20 09:50:24 +08:00
Sandro Santilli
2aad4a5f97 Use font-awesome OpenID icon more (#1320) 2017-03-19 16:25:24 +08:00
Patrick G
b57b0c6e40 Fix inconsistency in layout (#1316) 2017-03-18 19:00:09 +08:00
Sandro Santilli
71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Patrick G
efbb895ebe Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270) 2017-03-15 23:39:38 +01:00
Sandro Santilli
7d8f9d1c46 Rename /forget_password url to /forgot_password
Also renames `forgot_password` translation key to
`forgot_password_title` and `forget_password` to
`forgot_password`

Includes entry in CHANGELOG about the breaking change
(and some markdown fixes in there)
2017-03-14 22:54:07 +01:00
Sandro Santilli
8a98a25d8e Show a link to password reset from password change and delete account (#862)
It's helpful when you forgot your password thus cannot change it
(can happen if you log in via OAuth2 or OpenID)

Also make sure that both the delete-account and password-change
links to forgot-password will have the primary email pre-filled
2017-03-11 17:11:54 +08:00
Willem van Dreumel
01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Lunny Xiao
847527fd6d Fix all the bugs in issues and pulls on dashboard (#943)
* fix all the bugs in issues and pulls on dashboard

* small fix and refactor

* add method getRepoIDs for IssueList
2017-02-17 08:58:19 +08:00
Lunny Xiao
7a9a5c8a69 Fix assigned issues dashboard (#920)
* Fix assigned/created issues in dashboard. (#3560)

* Fix assigned/created issues in dashboard.

* Use GetUserIssueStats for getting all Dashboard stats.

* Use gofmt to format the file properly.

* Replace &Issue{} with new(Issue).

* Check if user has access to given repository.

* Remove unnecessary filtering of issues.

* Return 404 error if invalid repository is given.

* Use correct number of issues in paginater.

* fix issues on dashboard
2017-02-14 22:15:18 +08:00
Bo-Yi Wu
23aba523b5 feat: support search bar on star tab of user profile. (#917)
* feat: support search bar on star tab of user profile.

* fix: update testing.

* fix: Using loadAttributes

* fix: remove empty line.

* remove LOWER

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2017-02-14 15:28:22 +08:00
Bo-Yi Wu
40f4377717 feat: fill in ssh key title automatically. (#863) 2017-02-09 17:58:04 +08:00
Sandro Santilli
23a7527e04 Allow rendering alerts in dashboard (#856)
NOTE: useful when logging in via OpenID and connecting to user
2017-02-08 09:37:23 +08:00
Lunny Xiao
02a881aa32 show tags on dashboard issues (#860) 2017-02-07 23:33:18 +08:00
Sandro Santilli
ed096186a7 social_register_hepler_msg -> social_register_helper_msg (#855)
* social_register_hepler_msg -> social_register_helper_msg

* register_hepler_msg -> register_helper_msg
2017-02-07 23:30:20 +08:00
Bo-Yi Wu
b13232f524 feat: support paginater on star tab of user profile. (#845) 2017-02-07 19:54:16 +08:00
Bo-Yi Wu
a90a215662 feat: Add search bar on user profile page. (#787) 2017-02-04 20:20:20 +08:00
Bo-Yi Wu
d078aa30d6 feat: add search repository on dashboard. (#773) 2017-01-30 13:57:47 +08:00
Andrey Nering
aa591317e7 Small UI fixes 2017-01-28 14:11:49 -02:00
Andrey Nering
5348e8b71a Fix color: closed PR was showing as purple instead of red 2017-01-28 14:01:07 -02:00
Kazuki Sawada
3c4d5e1ed5 Fix: Pagenation on dashboard->issues does not work well (#698) 2017-01-19 17:20:40 +08:00
Andrey Nering
d2bb8ef503 Notifications: trying to get a better layout (#660)
* i18n button titles

* Improvements on notification page layout

* Notification count badge fixes

* Make table <tr> clickable

* Fix octicon aligment

* Fix use of AppSubUrl
2017-01-18 09:18:55 +08:00
Andrew
6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Andrey Nering
769e0a3ea6 Notifications: mark as read/unread and pin (#629)
* Use relative URLs

* Notifications - Mark as read/unread

* Feature of pinning a notification

* On view issue, do not mark as read a pinned notification
2017-01-12 12:27:09 +08:00
derSuessmann
51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Andrey Nering
79d527195d Merge pull request #539 from andreynering/notifications-step-2
Notifications - Step 2
2017-01-05 11:53:01 -02:00
Andrey Nering
b354cf362e Add pagination for notifications 2017-01-03 17:09:36 -02:00
Andrey Nering
545ba2e2e6 Showing index in front of issue title 2017-01-02 16:43:23 -02:00
Thiago Avelino
787fda53ef UI config to toggle whether user email shows up in Explore Users (#336)
* UI config to toggle whether user email shows up in Explore Users

* Recommendation made by @tboerger
66a1c59fe7 (r94122732)

* fixed typo, rename ShowUserEmailInExplore to ShowUserEmail

* Fixed typo merged conflict

* Hide email in the user profile page

if you are active ShowUserEmail
ref https://github.com/go-gitea/gitea/pull/336#issuecomment-269843725

* Please replace MustBool() with MustBool(true)
2017-01-01 10:51:10 +08:00
Andrey Nering
6069abe5fd Notifications - Step 2 2016-12-30 16:51:24 -02:00
Andrey Nering
b992858883 Tab on user profile to show starred repos (#519)
* Tab on user profile to show starred repos

* Make golint happy and use transactions on StarRepo function

* x -> sess

* Use sess.Close() instead of sess.Rollback()

* Add copyright

* Fix lint
2016-12-29 22:58:24 +08:00
Bwko
5ab85372da Added rel="noopener" to target="_blank" hrefs (#327)
* Added rel="noopener" to target="_blank" hrefs

* Replaced gogs.io/docs with docs.gitea.io
2016-12-02 09:12:16 +08:00
Bwko
1e9730a779 Fixes xss, clickjacking & password autocompletion 2016-11-29 22:49:06 +01:00
Matthias Loibl
7b6cc9244d Update link on user’s profile avatar to avatar settings (#287) 2016-11-28 21:29:39 +08:00
Kim "BKC" Carlbäcker
562f9b6eae Merge all pagination-templates into 'base/paginate'
to reduce code-duplicity
2016-11-07 12:44:29 +01:00
Unknwon
7e7613cdec Fix template nil error 2016-08-14 23:43:13 -07:00
Unknwon
a5b88c4d0c Fix template error [CI SKIP] 2016-08-14 16:45:15 -07:00
Unknwon
99385db0c4 #3320 code cleanup 2016-08-07 11:01:47 -07:00
Sandro Santilli
90dd0657b5 Add support for federated avatars (#3320)
* Add support for federated avatars

Fixes #3105

Removes avatar fetching duplication code
Adds an "Enable Federated Avatar" checkbox in user settings
(defaults to unchecked)

Moves avatar settings all in the same form, making
local and remote avatars mutually exclusive

Renames UploadAvatarForm to AvatarForm
as it's not anymore only for uploading

* Run gofmt on all modified files

* Move Avatar form in its own page

* Add go-libravatar dependency to vendor/ dir

Hopefully helps with accepting the contribution.
See also #3214

* Revert "Add go-libravatar dependency to vendor/ dir"

This reverts commit a8cb93ae640bbb90f7d25012fc257bda9fae9b82.

* Make federated avatar setting a global configuration

Removes the per-user setting

* Move avatar handling back to base tool, disable federated avatar in offline mode

* Format, handle error

* Properly set fallback host

* Use unsupported github.com mirror for importing go-libravatar

* Remove comment showing life exists outside of github.com

... pity, but contribution would not be accepted otherwise

* Use Combo for Get and Post methods over /avatar

* FEDERATED_AVATAR -> ENABLE_FEDERATED_AVATAR

* Fix persistance of federated avatar lookup checkbox at install time

* Federated Avatars -> Enable Federated Avatars

* Use len(string) == 0 instead of string == ""

* Move import line where it belong

See
https://github.com/Unknwon/go-code-convention/blob/master/en-US/import_packages.md

Pity the import url is still the unofficial one, but oh well...

* Save a line (and waste much more expensive time)

* Remove redundant parens

* Remove an empty line

* Remove empty lines

* Reorder lines to make diff smaller

* Remove another newline

Unknwon review got me start a fight against newlines

* Move DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR after OFFLINE_MODE

On re-reading the diff I figured what Unknwon meant here:
https://github.com/gogits/gogs/pull/3320/files#r73741106

* Remove newlines that weren't there before my intervention
2016-08-07 10:27:38 -07:00
Unknwon
50422f1fc2 #3348 always use relative avatar link in the template 2016-08-05 12:12:54 -07:00
Unknwon
e74630ae3b #1384 add pagination for repositories 2016-07-24 14:32:46 +08:00
Unknwon
1f2e173a74 Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00
Unknwon
971e2c3bd6 Upgrade octicon to 4.3.0 2016-07-16 12:45:13 +08:00
Unknwon
c083d76567 #2937 able to prohibit user login 2016-07-16 10:22:16 +08:00
Sandro Santilli
76a0e43e88 Do not assume avatar needs be changed from gravatar.com (#3209)
Always send user to settings screen to change avatar.
Drops "change_custom_avatar" localized message, keeps "change_avatar"
for the generic one.

NOTE: only changes the en-US locale, as per
https://github.com/gogits/gogs/wiki/Contributing-Code#those-we-do-not-accept

NOTE: requires rebuild of bindata.go to fully see effects
2016-06-27 01:51:09 +08:00
Unknwon
414eb22ef9 #1597 fix activitity feeds for pull requests 2016-03-05 12:58:51 -05:00
Unknwon
a2f13eae55 #1157 some avatar setting changes
- Allow to delete current avatar
2016-03-05 00:51:51 -05:00
Andrey Nering
13e71acadf Render emojis in more places. 2016-03-02 21:54:05 -03:00
Unknwon
912f7b51e9 #1821 add actions for close and reopen issues 2016-02-22 12:40:00 -05:00
Unknwon
aa5e837c65 fix #2454 2016-02-14 20:26:49 -05:00
Florian Kaiser
532f9fdd99 Use icon repo-forked instead of repo-lock for private, forked repos 2016-01-31 20:41:57 +00:00
Unknwon
ee814bf8d6 #2491 minor fix for sr on dashboard 2016-01-29 15:28:24 -05:00
Unknwon
4deb876343 Minor fix for #2494
- Change tooltip size from mini to tiny in profile page
2016-01-28 06:07:16 -05:00
Unknwon
c631a4a9b9 URL fix for #2287 2016-01-15 18:00:39 +08:00
Unknwon
dccfadf7b8 hide section with user has no organizations 2016-01-14 21:29:25 +08:00
Unknwon
29b07693dd minor fix to #2383
- add tooltip for organization name in profile
2016-01-14 21:21:56 +08:00
ExMex
40413c5c6c Added improvement from Unknwon 2016-01-14 11:48:24 +01:00
ExMex
53a63de9dc Added links to org profile icons 2016-01-12 03:19:46 +01:00
ExMex
f610bfa8a2 Added organization display on profile
Fixed "Follower" Icon too big
2016-01-12 03:09:59 +01:00
Unknwon
f43cc90841 #2287 Truncate repository name if too long 2016-01-11 20:41:43 +08:00
Unknwon
21d7b5acaf fix #2367 2016-01-09 14:45:06 +08:00
Unknwon
13fe733037 #2264 use monospaced font for commit IDs in news feeds 2015-12-24 20:43:45 -05:00
Unknwon
a49af93faf #1692 APIs: Users Followers
- User profile un/follow
- List user's followers/following
2015-12-21 04:24:11 -08:00
Unknwon
cadf03db68 #2180 fix avatar link when disable gravatar 2015-12-19 22:21:00 -05:00
Unknwon
837155577a #2159 use icon+tooltip to replace text 2015-12-12 16:53:16 -05:00